Edimax Technology AR-6024 User Manual

Ping of Death checking: Ping of Death is a type of DoS attack that uses a malformed

ICMP data packet that contains unusually large amounts of data that causes

TCP/IP to crash or behave irregularly. Enabling this will allow the firewall to filter

out packets containing Ping of Death properties.

Land Attack checking: Land attack is a type of DoS attack that works by sending a

spoofed packet containing the same source and destination IP address and port

(the victim’s IP address). This packet contains a connection request, resulting in a

handshake process. At the end of the handshake, the victim sends out an ACK

(ACKnowledge) request. Since the source and the destination are the same, the

victim receives the ACK request it just sent out. The received data does not

match what the victim is expecting, so it retransmits the ACK request. This

process repeats until the network crashes. Enabling the will allow the firewall to

filter out possible Land Attack packets.

Reassembly Attack checking: Reassembly Attack is a type of DoS attack that

exploits the weakness of the IP protocol reassembly process. As discussed

earlier in this user guide, packets undergo fragmentation when they exceed a

certain maximum size. Certain criteria define the packet fragmentation process so

that packets can be reassembled properly. In reassembly attack, the sub-packets

have malformed criteria (fragment offset), which can easily cause a system to

crash, freeze, or reboot. Enable this option to check for and filter out Reassembly

Attack packets.

SYN Flooding checking: Syn flooding is a type of DoS attack that is accomplished by

not sending the final acknowledgement to the receiving server’s SYN-ACK (SYN

chronize-ACKnowledge) in the final part of the handshake process. This causes

the serve to keep signaling until it is timed out. When a flood (many) of these

attacks are sent simultaneously, the server will probably overload and crash.

Enable SYN Flooding checking to filter out possible SYN flood packets.

ICMP Redirection checking: Also known as an ICMP storm attack or smurf attack,

ICMP redirection is another form of DoS. This attack is performed by sending

ICMP echo requests to a broadcast network node. The return IP address is

spoofed and replaced by the victim’s own address, causing it to send the request

back to itself. This causes the broadcast address to send it out to all the network

nodes in the broadcast area (usually the entire LAN). In turn, all those recipients

resend it back to the broadcast. The process repeats itself, gaining more

amplitude through each iteration and eventually causing a traffic overload and

crashing the network. Enable ICMP Redirection checking to filter out packets

38