Billion 7404vgox User Manual

cannot protect against such attacks.
Table 2: Hacker attack types recognized by the IDS
| Intrusion Name | Detect Parameter | Blacklist | Type of Block Duration | Drop Packet | Show Log |
|---|---|---|---|---|---|
| Ascend Kill | Ascend Kill data | Src IP | DoS | Yes | Yes |
| WinNuke | TCP Port 135, 137~139, Flag: URG | Src IP | DoS | Yes | Yes |
| Smurf | ICMP type 8, Des IP is broadcast | Dst IP | Victim Protection | Yes | Yes |
| Land attack | SrcIP = DstIP | | | Yes | Yes |
| Echo/CharGen Scan | UDP Echo Port and CharGen Port | | | Yes | Yes |
| Echo Scan | UDP Dst Port = Echo(7) | Src IP | Scan | Yes | Yes |
| CharGen Scan | UDP Dst Port = CharGen(19) | Src IP | Scan | Yes | Yes |
| X’mas Tree Scan | TCP Flag: X’mas | Src IP | Scan | Yes | Yes |
| IMAP SYN/FIN Scan | TCP Flag: SYN/FIN, DstPort: IMAP(143), SrcPort: 0 or 65535 | Src IP | Scan | Yes | Yes |
| SYN/FIN/RST/ACK Scan | TCP, No Existing session And Scan Hosts more than five. | Src IP | Scan | Yes | Yes |
| Net Bus Scan | TCP, No Existing session, DstPort = Net Bus 12345, 12346, 3456 | SrcIP | Scan | Yes | Yes |
| Back Orifice Scan | UDP, DstPort = Orifice Port (31337) | SrcIP | Scan | Yes | Yes |
| SYN Flood | Max TCP Open Handshaking Count (Default 100 c/sec) | | | Yes | |
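The stateless rows of Table 2 can be read as per-packet predicates; the sketch below is an added example, not code from the manual or the router firmware, and covers only those rows (Ascend Kill, SYN/FIN/RST/ACK Scan and SYN Flood need payload or per-source state and are left out). Assumptions: the packet dict layout, the 192.168.1.0/24 subnet, "X'mas" meaning FIN+PSH+URG, WinNuke ports being destination ports, and Echo/CharGen meaning one port on each side.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.1.0/24")   # assumed protected subnet
FIN, SYN, PSH, URG = 0x01, 0x02, 0x08, 0x20    # TCP flag bits
XMAS = FIN | PSH | URG   # assumption: the table does not define "X'mas"

def classify(pkt, has_session=False):
    """Return (intrusion, blacklist, block type) for a packet dict, or None."""
    proto, src, dst = pkt["proto"], pkt["src"], pkt["dst"]
    sport, dport = pkt.get("sport"), pkt.get("dport")
    flags = pkt.get("flags", 0)
    if src == dst:                       # Land attack: table lists no blacklist entry
        return ("Land attack", None, None)
    if proto == "icmp":
        to_bcast = ipaddress.ip_address(dst) == LAN.broadcast_address
        if pkt.get("icmp_type") == 8 and to_bcast:
            return ("Smurf", "Dst IP", "Victim Protection")
    elif proto == "udp":
        if {sport, dport} == {7, 19}:    # assumed reading: echo <-> chargen pair
            return ("Echo/CharGen Scan", None, None)
        if dport == 7:
            return ("Echo Scan", "Src IP", "Scan")
        if dport == 19:
            return ("CharGen Scan", "Src IP", "Scan")
        if dport == 31337:
            return ("Back Orifice Scan", "Src IP", "Scan")
    elif proto == "tcp":
        if flags & URG and dport in (135, 137, 138, 139):
            return ("WinNuke", "Src IP", "DoS")
        if (flags & XMAS) == XMAS:
            return ("X'mas Tree Scan", "Src IP", "Scan")
        if (flags & (SYN | FIN)) == (SYN | FIN) and dport == 143 and sport in (0, 65535):
            return ("IMAP SYN/FIN Scan", "Src IP", "Scan")
        if not has_session and dport in (12345, 12346, 3456):
            return ("Net Bus Scan", "Src IP", "Scan")
    return None

# Constructed sample packets (not captured traffic).
SAMPLES = [
    {"proto": "tcp", "src": "203.0.113.9", "dst": "192.168.1.10", "sport": 40000, "dport": 139, "flags": URG},
    {"proto": "icmp", "src": "198.51.100.7", "dst": "192.168.1.255", "icmp_type": 8},
    {"proto": "tcp", "src": "192.168.1.10", "dst": "192.168.1.10", "sport": 80, "dport": 80, "flags": SYN},
    {"proto": "tcp", "src": "203.0.113.9", "dst": "192.168.1.10", "sport": 65535, "dport": 143, "flags": SYN | FIN},
    {"proto": "udp", "src": "203.0.113.9", "dst": "192.168.1.10", "sport": 5000, "dport": 31337},
    {"proto": "tcp", "src": "203.0.113.9", "dst": "192.168.1.10", "sport": 5000, "dport": 443, "flags": SYN},
]

def run_samples():
    return [(classify(p) or ("clean",))[0] for p in SAMPLES]
```

The `has_session` argument stands in for the table's "No Existing session" condition, which a real device would answer from its connection-tracking state.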