Dos Attack Types - ZyXEL Communications GS1900-8 User Manual

29.5.4 DoS Attack Types

The following t able describes t he t ypes of DoS at t acks t hat t he Swit ch can prevent when you enable
t he DoS feat ure on t he Swit ch and t he port ( s) .
Table 148 DoS At t ack Types
TYPE
DA_EQUAL_SA
LAND
UDP_BLAT / TCP_BLAT
( Blat At t ack)
PoD ( Ping of Deat h)
I Pv6_FRAG_LEN_MI N
I CMP_FRAG_PKT
I CMPv4_PI NG_MAX /
I CMPv6_PI NG_MAX
SMURF
SYNchronizat ion ( SYN) , ACKnowledgm ent ( ACK) and FI Nish ( FI N) packet s are used t o init iat e, acknowledge
and conclude TCP/ I P com m unicat ion sessions. The following scans exploit weaknesses in t he TCP/ I P
specificat ion and t ry t o illicit a response from a host t o ident ify port s for an at t ack:
TCP_HDR_LEN_MI N
SYN_SPORT_LESS_1024
NULL_SCAN ( Scan
At t ack)
XMAS ( Scan At t ack)
SYN_FI N
Chapter 29 Configuration: Security
PACKET TYPE DESCRIPTION
Layer 2 These at t acks result from sending a specially craft ed packet
t o a m achine where t he source MAC address is t he sam e as
t he dest inat ion MAC address. The syst em at t em pt s t o reply
t o it self, result ing in syst em lockup.
Layer 3 I Pv4/ I Pv6 These at t acks result from sending a specially craft ed packet
t o a m achine where t he source host I Pv4/ I Pv6 address is t he
sam e as t he dest inat ion host I Pv4/ I Pv6 address. The syst em
at t em pt s t o reply t o it self, result ing in syst em lockup.
Layer 3 I Pv4/ I Pv6 These at t acks result from sending a specially craft ed packet
t o a m achine where t he source host UDP/ TCP port is t he
sam e as t he dest inat ion host UDP/ TCP port . The syst em
at t em pt s t o reply t o it self, result ing in syst em lockup.
Layer 3 I Pv4/ I Pv6 Ping of Deat h uses a " ping" ut ilit y t o creat e and send an I P
packet t hat exceeds t he m axim um 65,536 byt es of dat a
allowed by t he I P specificat ion. This m ay cause syst em s t o
crash, hang or reboot .
Layer 3 I Pv6 This at t ack uses I Pv6 fragm ent ed packet s ( excluding t he last
one) whose payload lengt h is less t han 1240 byt es.
Layer 3 I Pv4/ I Pv6 This at t ack uses m any sm all fragm ent ed I CMP packet s.
Layer 3 I Pv4/ I Pv6 This at t ack uses Ping packet s whose lengt h is larger t han
512 byt es.
Layer 3 I Pv4 This at t ack uses I nt ernet Cont rol Message Prot ocol ( I CMP)
echo request s packet s ( pings) t o cause net work congest ion
or out ages.
Layer 3 I Pv4 TCP packet s wit h header lengt h less t han 20 byt es.
Layer 3 I Pv4/ I Pv6 TCP SYN packet s wit h source port less t han 1024.
Layer 3 I Pv4/ I Pv6 TCP sequence num ber is zero and all cont rol bit s are zeroes.
Layer 3 I Pv4/ I Pv6 TCP sequence num ber is zero and t he FI N, URG and PSH bit s
are set .
Layer 3 I Pv4/ I Pv6 SYN and FI N bit s are set in t he TCP packet .
GS1900 Series User's Guide
190