A SERVICE OF

logo

Open as PDF
next previous
cannot protect against such attacks.
Table 2: Hacker attack types recognized by the IDS
Intrusion Name Detect Parameter Blacklist
Type of Block
Duration
Drop
Packet
Show Log
Ascend Kill Ascend Kill data Src IP DoS Yes Yes
WinNuke
TCP
Port 135,
137~139, Flag:
URG
Src IP DoS Yes Yes
Smurf
ICMP type 8
Des IP is
broadcast
Dst IP
Victim
Protection
Yes Yes
Land attack SrcIP = DstIP Yes Yes
Echo/CharGen
Scan
UDP Echo Port
and CharGen Port
Yes Yes
Echo Scan
UDP Dst Port =
Echo(7)
Src IP Scan Yes Yes
CharGen Scan
UDP Dst Port =
CharGen(19)
Src IP Scan Yes Yes
X’mas Tree Scan TCP Flag: X’mas Src IP Scan Yes Yes
IMAP
SYN/FIN Scan
TCP Flag: SYN/
FIN
DstPort:
IMAP(143)
SrcPort: 0 or
65535
Src IP Scan Yes Yes
SYN/FIN/RST/ACK
Scan
TCP,
No Existing
session And Scan
Hosts more than
ve.
Src IP Scan Yes Yes
Net Bus Scan
TCP
No Existing
session
DstPort = Net Bus
12345,12346,
3456
SrcIP Scan Yes Yes
Back Orice Scan
UDP, DstPort
= Orice Port
(31337)
SrcIP Scan Yes Yes
SYN Flood
Max TCP Open
Handshaking
Count (Default
100 c/sec)
Yes
79