ZyXEL Communications P-660HW-TX Manual De Usuario
P-660HW-Tx v2 Series Support Notes
There are four types of DoS attacks:
1. Those that exploits bugs in a TCP/IP implementation such as Ping of
Death and Teardrop.
2. Those that exploits weaknesses in the TCP/IP specification such as
SYN Flood and LAND Attacks.
3. Brute-force attacks that flood a network with useless data such as
Smurf attack.
4. IP Spoofing
7. What is Ping of Death attack?
Ping of Death uses a 'PING' utility to create an IP packet that exceeds the
maximum 65535 bytes of data allowed by the IP specification. The oversize
packet is then sent to an unsuspecting system. Systems may crash, hang, or
reboot.
maximum 65535 bytes of data allowed by the IP specification. The oversize
packet is then sent to an unsuspecting system. Systems may crash, hang, or
reboot.
8. What is Teardrop attack?
Teardrop attack exploits weakness in the reassemble of the IP packet
fragments. As data is transmitted through a network, IP packets are often
broken up into smaller chunks. Each fragment looks like the original packet
except that it contains an offset field. The Teardrop program creates a series of
IP fragments with overlapping offset fields. When these fragments are
reassembled at the destination, some systems will crash, hang, or reboot.
fragments. As data is transmitted through a network, IP packets are often
broken up into smaller chunks. Each fragment looks like the original packet
except that it contains an offset field. The Teardrop program creates a series of
IP fragments with overlapping offset fields. When these fragments are
reassembled at the destination, some systems will crash, hang, or reboot.
9. What is SYN Flood attack?
SYN attack floods a targeted system with a series of SYN packets. Each
packet causes the targeted system to issue a SYN-ACK response, While the
targeted system waits for the ACK that follows the SYN-ACK, it queues up all
outstanding SYN-ACK responses on what is known as a backlog queue.
SYN-ACKs are moved off the queue only when an ACK comes back or when
an internal timer (which is set a relatively long intervals) terminates the TCP
three-way handshake. Once the queue is full, the system will ignore all
incoming SYN requests, making the system unavailable for legitimate users.
packet causes the targeted system to issue a SYN-ACK response, While the
targeted system waits for the ACK that follows the SYN-ACK, it queues up all
outstanding SYN-ACK responses on what is known as a backlog queue.
SYN-ACKs are moved off the queue only when an ACK comes back or when
an internal timer (which is set a relatively long intervals) terminates the TCP
three-way handshake. Once the queue is full, the system will ignore all
incoming SYN requests, making the system unavailable for legitimate users.
10. What is LAND attack?
In a LAN attack, hackers flood SYN packets to the network with a spoofed
source IP address of the targeted system. This makes it appear as if the host
computer sent the packets to itself, making the system unavailable while the
target system tries to respond to itself.
source IP address of the targeted system. This makes it appear as if the host
computer sent the packets to itself, making the system unavailable while the
target system tries to respond to itself.
23
All contents copyright © 2006 ZyXEL Communications Corporation.