A SERVICE OF

logo

Open as PDF
next previous
Billion BiPAC 8500/8501/8520/8521 SHDSL (VPN) Firewall Bridge/ Router
Chapter 4: Configuration
91
(PING).
For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event Log.
It cannot protect against such attacks. Table 2: Types of Hacker attack recognized by the IDS.
1
Detect
Parameter
Blacklist
Type of
Block
Duration
Drop
Packet
Show Log
Ascend Kill Ascend Kill data
Src IP
DoS Yes Yes
WinNuke
TCP
Port 135,
137~139, Flag:
URG
Src IP
DoS Yes Yes
Smurf
ICMP type 8
Des IP is
broadcast
Dst IP
Victim
Protection
Yes Yes
Land attack SrcIP = DstIP Yes Yes
Echo/CharGen
Scan
UDP Echo Port
and CharGen
Port
Yes Yes
Echo Scan
UDP Dst Port =
Echo(7)
Src IP
Scan Yes Yes
CharGen Scan
UDP Dst Port =
CharGen(19)
Src IP
Scan Yes Yes
X’mas Tree Scan
TCP Flag:
X’mas
Src IP
Scan Yes Yes
IMAP
SYN/FIN Scan
TCP Flag:
SYN/FIN
DstPort:
IMAP(143)
SrcPort: 0 or
65535
Src IP
Scan Yes Yes
SYN/FIN/RST/ACK
Scan
TCP,
No Existing
session And
Scan Hosts
more than five.
Src IP
Scan Yes Yes
Net Bus Scan
TCP
No Existing
session
DstPort = Net
Bus
12345,12346,
3456
SrcIP Scan Yes Yes
Back Orifice Scan
UDP, DstPort =
Orifice Port
(31337)
SrcIP Scan Yes Yes
SYN Flood
Max TCP Open
Handshaking
Count (Default
100 c/sec)
Yes