BEC 6200WZL User Manual download pdf (Page 91)

For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event Log but it

will not be able to protect against such attacks.

Hacker attack types recognized by the IDS

Intrusion Name

Detect Parameter

Blacklist

Type of Block

Duration

Drop Packet

Show Log

Ascend Kill

Ascend Kill data

Src IP

DoS

Yes

WinNuke

TCP

Port 135, 137~139,

Flag: URG

Src IP

DoS

Yes

Smurf

ICMP type 8

Des IP is broadcast

Dst IP

Victim

Protection

Yes

Land attack

SrcIP = DstIP

Yes

Echo/CharGen Scan

UDP Echo Port and

CharGen Port

Yes

Echo Scan

UDP Dst Port =

Echo(7)

Src IP

Scan

Yes

CharGen Scan

UDP Dst Port =

CharGen(19)

Src IP

Scan

Yes

X’mas Tree Scan

TCP Flag: X’mas

Src IP

Scan

Yes

IMAP

SYN/FIN Scan

TCP Flag: SYN/FIN

DstPort: IMAP(143)

SrcPort: 0 or 65535

Src IP

Scan

Yes

SYN/FIN/RST/ACK Scan

TCP,

No Existing session

And Scan Hosts

more than five.

Src IP

Scan

Yes

Net Bus Scan

TCP

No Existing session

DstPort = Net Bus

12345,12346, 3456

SrcIP

Scan

Yes

Back Orifice Scan

UDP, DstPort =

Orifice Port (31337)

SrcIP

Scan

Yes

SYN Flood

Max TCP Open

Handshaking Count

(Default 100 c/sec)

Yes

ICMP Flood

Max ICMP Count

(Default 100 c/sec)

Yes

ICMP Echo

Max PING Count

(Default 15 c/sec)

Yes

Src IP: Source IP Src Port: Source Port

Dst Port: Destination Port Dst IP: Destination IP

1 2 ... 86 87 88 89 90 91 92 93 94 95 96 ... 127 128

Comments to this Manuals

No comments

BEC 6200WZL User Manual Page 91

Comments to this Manuals

Related products and manuals for Routers BEC 6200WZL