Loading...
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router
Chapter 4: Configuration
71
Table 2: Hacker attack types recognized by the IDS
Intrusion Name Detect Parameter Blacklist Type of Block
Duration Drop Packet Show Log
Ascend Kill Ascend Kill data Src IP DoS Yes Yes
WinNuke
TCP
Port 135, 137~139,
Flag: URG
Src IP DoS Yes Yes
Smurf ICMP type 8
Des IP is broadcast Dst IP Victim
Protection Yes Yes
Land attack SrcIP = DstIP Yes Yes
Echo/CharGen Scan UDP Echo Port and
CharGen Port Yes Yes
Echo Scan UDP Dst Port =
Echo(7) Src IP Scan Yes Yes
CharGen Scan UDP Dst Port =
CharGen(19) Src IP Scan Yes Yes
X’mas Tree Scan TCP Flag: X’mas Src IP Scan Yes Yes
IMAP
SYN/FIN Scan
TCP Flag: SYN/FIN
DstPort: IMAP(143)
SrcPort: 0 or 65535
Src IP Scan Yes Yes
SYN/FIN/RST/ACK
Scan
TCP,
No Existing session
A
nd Scan Hosts
more than five.
Src IP Scan Yes Yes
Net Bus Scan
TCP
No Existing session
DstPort = Net Bus
12345,12346, 3456
SrcIP Scan Yes Yes
Back Orifice Scan UDP, DstPort =
Orifice Port (31337) SrcIP Scan Yes Yes
SYN Flood
Max TCP Open
Handshaking Count
(Default 100 c/sec)
Yes
ICMP Flood Max ICMP Count
(Default 100 c/sec) Yes
ICMP Echo Max PING Count
(Default 15 c/sec) Yes
Src IP: Source IP Src Port: Source Port
Dst Port: Destination Port Dst IP: Destination IP
Loading...
Terms of Use | Privacy Policy | DMCA Policy
2006-2020 Rsmanuals.com