Chapter 30 Configuration: Security
GS1900 Series User’s Guide
208
PoD (Ping of Death) Layer 3 IPv4/IPv6 Ping of Death uses a "ping" utility to create and send an IP
packet that exceeds the maximum 65,536 bytes of data
allowed by the IP specification. This may cause systems to
crash, hang or reboot.
IPv6_FRAG_LEN_MIN Layer 3 IPv6 This attack uses IPv6 fragmented packets (excluding the last
one) whose payload length is less than 1240 bytes.
ICMP_FRAG_PKT Layer 3 IPv4/IPv6 This attack uses many small fragmented ICMP packets.
ICMPv4_PING_MAX /
ICMPv6_PING_MAX
Layer 3 IPv4/IPv6 This attack uses Ping packets whose length is larger than 512
bytes.
SMURF Layer 3 IPv4 This attack uses Internet Control Message Protocol (ICMP) echo
requests packets (pings) to cause network congestion or
outages.
SYNchronization (SYN), ACKnowledgment (ACK) and FINish (FIN) packets are used to initiate, acknowledge and
conclude TCP/IP communication sessions. The following scans exploit weaknesses in the TCP/IP specification and
try to illicit a response from a host to identify ports for an attack:
TCP_HDR_LEN_MIN Layer 3 IPv4 TCP packets with header length less than 20 bytes.
SYN_SPORT_LESS_1024 Layer 3 IPv4/IPv6 TCP SYN packets with source port less than 1024.
NULL_SCAN (Scan Attack) Layer 3 IPv4/IPv6 TCP sequence number is zero and all control bits are zeros.
XMAS (Scan Attack) Layer 3 IPv4/IPv6 TCP sequence number is zero and the FIN, URG and PSH bits are
set.
SYN_FIN Layer 3 IPv4/IPv6 SYN and FIN bits are set in the TCP packet.
Table 155 DoS Attack Types (continued)
TYPE PACKET TYPE DESCRIPTION
To Next Page
Loading...
