C
HAPTER
13
| Security Measures
DoS Protection
– 397 –
◆ Echo/Chargen Attack Rate – Maximum allowed rate.
(Range: 64-2000 kbits/second; Default: 1000 kbits/second)
◆ Smurf Attack – Attacks in which a perpetrator generates a large
amount of spoofed ICMP Echo Request traffic to the broadcast
destination IP address (255.255.255.255), all of which uses a spoofed
source address of the intended victim. The victim should crash due to
the many interrupts required to send ICMP Echo response packets.
(Default: Enabled)
◆ TCP Flooding Attack – Attacks in which a perpetrator sends a
succession of TCP SYN requests (with or without a spoofed-Source IP)
to a target and never returns ACK packets. These half-open
connections will bind resources on the target, and no new connections
can be made, resulting in a denial of service. (Default: Disabled)
◆ TCP Flooding Attack Rate – Maximum allowed rate. (Range: 64-2000
kbits/second; Default: 1000 kbits/second)
◆ TCP Null Scan – A TCP NULL scan message is used to identify listening
TCP ports. The scan uses a series of strangely configured TCP packets
which contain a sequence number of 0 and no flags. If the target's TCP
port is closed, the target replies with a TCP RST (reset) packet. If the
target TCP port is open, it simply discards the TCP NULL scan.
(Default: Enabled)
◆ TCP-SYN/FIN Scan – A TCP SYN/FIN scan message is used to identify
listening TCP ports. The scan uses a series of strangely configured TCP
packets which contain SYN (synchronize) and FIN (finish) flags. If the
target's TCP port is closed, the target replies with a TCP RST (reset)
packet. If the target TCP port is open, it simply discards the TCP SYN
FIN scan. (Default: Enabled)
◆ TCP Xmas Scan – A so-called TCP XMAS scan message is used to
identify listening TCP ports. This scan uses a series of strangely
configured TCP packets which contain a sequence number of 0 and the
URG, PSH and FIN flags. If the target's TCP port is closed, the target
replies with a TCP RST packet. If the target TCP port is open, it simply
discards the TCP XMAS scan. (Default: Enabled)
◆ UDP Flooding Attack – Attacks in which a perpetrator sends a large
number of UDP packets (with or without a spoofed-Source IP) to
random ports on a remote host. The target will determine that
application is listening at that port, and reply with an ICMP Destination
Unreachable packet. It will be forced to send many ICMP packets,
eventually leading it to be unreachable by other clients.
(Default: Disabled)
◆ UDP Flooding Attack Rate – Maximum allowed rate.
(Range: 64-2000 kbits/second; Default: 1000 kbits/second)
◆ WinNuke Attack – Attacks in which affected the Microsoft Windows
3.1x/95/NT operating systems. In this type of attack, the perpetrator
sends the string of OOB out-of-band (OOB) packets contained a TCP
To Next Page
Loading...
Need help?
General
