4 denial of service, 1 basics, Figure 74 zyair firewall application – ZyXEL Communications G-2000 Plus User Manual

ZyAIR G-2000 Plus User’s Guide

Chapter 14 Firewalls

180

Figure 74 ZyAIR Firewall Application

14.4 Denial of Service

Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the
Internet. Their goal is not to steal information, but to disable a device or network so users no
longer have access to network resources. The ZyAIR is pre-configured to automatically detect
and thwart all known DoS attacks.

14.4.1 Basics

Computers share information over the Internet using a common language called TCP/IP. TCP/
IP, in turn, is a set of application protocols that perform specific functions. An extension
number, called the "TCP port" or "UDP port" identifies these protocols, such as HTTP (Web),
FTP (File Transfer Protocol), POP3 (E-mail), etc. For example, Web traffic by default uses
TCP port 80.

When computers communicate on the Internet, they are using the client/server model, where
the server "listens" on a specific TCP/UDP port for information requests from remote client
computers on the network. For example, a Web server typically listens on port 80. Please note
that while a computer may be intended for use over a single port, such as Web on port 80,
other ports are also active. If the person configuring or managing the computer is not careful, a
hacker could attack it over an unprotected port.

Some of the most common IP ports are:

Table 58 Common IP Ports

21

FTP

53

DNS

23

Telnet

80

HTTP

25

SMTP

110

POP3