N in, Figure 49, Table 15 – H3C Technologies H3C SecPath F1000-E User Manual

42

Figure 49 Intrusion detection statistics

Table 15 Field description

Field Description

Fraggle

A Fraggle attack occurs when an attacker sends large amounts of UDP echo requests
with the UDP port number being 7 or Chargen packets with the UDP port number being

19, resulting in a large quantity of junk replies and finally exhausting the bandwidth of

the target network.

ICMP Redirect

An ICMP redirect attacker sends ICMP redirect messages to a target to modify its
routing table, interfering with the normal forwarding of IP packets.

ICMP Unreachable

Upon receiving an ICMP unreachable response, some systems conclude that the
destination is unreachable and drop all subsequent packets destined for the

destination. By sending ICMP unreachable packets, an ICMP unreachable attacker
can cut off the connection between the target host and the network.

Land

A Land attack occurs when an attacker sends a great number of TCP SYN packets with
both the source and destination IP addresses being the IP address of the target,

exhausting the half-open resources of the victim and disabling the target from

providing services correctly.

Large ICMP

For some hosts and devices, large ICMP packets will cause memory allocation error
and crash down the protocol stack. A large ICMP attacker sends large ICMP packets
to a target to make it crash down.

Route Record

A route record attack exploits the route record option in the IP header to probe the
topology of a network.