beautypg.com

NetComm G.SHDSL 4-port Security Modem Routers NB712 User Manual

Page 11

background image

NB712 / NB714 User Guide

11

YML829 Rev1

Ping of death

On the Internet, ping of death is a kind of denial of service
(DoS) attack caused by an attacker deliberately sending an
IP packet larger than the 65,536 bytes allowed by the IP
protocol. One of the features of TCP/IP is fragmentation; it
allows a single IP packet to be broken down into smaller
segments. Attackers began to take advantage of that feature
when they found that a packet broken down into fragments
could add up to more than the allowed 65,536 bytes.
Many operating systems didn’t know what to do when they
received an oversized packet, so they froze, crashed, or
rebooted. Other known variants of the ping of death include
teardrop, bonk and nestea.

SYN Flood

The attacker sends TCP connections faster than the
victim machine can process them, causing it to run out
of resources and dropping legitimate connections. A new
defence against this is to create “SYN cookies”. Each side
of a connection has its own sequence number. In response
to a SYN, the attacked machine creates a special sequence
number that is a “cookie” of the connection and forgets
everything it knows about the connection. It can then
recreate the forgotten information about the connection
where the next packets come in from a legitimate
connection.

ICMP Flood

The attacker transmits a volume of ICMP request packets to
cause all CPU resources to be consumed serving the phony
requests.

UDP Flood

The attacker transmits a volume of requests for UDP
diagnostic services which cause all CPU resources to be
consumed serving the phony requests.

Land attack

The attacker attempts to slow your network down by sending
a packet with identical source and destination addresses
originating from your network.

Smurf attack

Where the source address of a broadcast ping is forged so
that a huge number of machines respond back to the victim
indicated by the address, thereby overloading it.

Fraggle Attack

A perpetrator sends a large amount of UDP echo packets
at IP broadcast addresses, all of it having a spoofed source
address of a victim.

IP Spoofing

IP Spoofing is a method of masking the identity of an
intrusion by making it appear that the traffic came from a
different computer. This is used by intruders to keep their
anonymity and can be used in a Denial of Service attack.

This manual is related to the following products:
See also other documents in the category NetComm Hardware: