Table of Contents
Advertisement
Alteon Application Switch Operating System Application Guide
Advanced Denial of Service Protection
DoS Attack
Description
FullXmasScan A TCP packet with all control bits
set.
FinScan
A TCP packet with only the FIN bit
set.
VecnaScan
A TCP packet with only the URG,
PUSH, URG|FIN, PSH|FIN, or
URG|PSH bits set.
Xmascan
Sequence number is zero and the
FIN, URG, and PSH bits are set.
SYNFIN Scan
SYN and FIN bits set in the packet.
FlagAbnormal A TCP packet with an abnormal
control bit combination set.
SynData
A TCP packet with the SYN bit set
and that also has a payload.
SynFrag
A TCP packet with the SYN and more
fragments bits set.
FTPPort
A TCP packet with a source port of
20, a destination port of less than
1024 and the SYN bit set.
DNSPort
A TCP packet with a source port of
53, a destination port of less than
1024 and the SYN bit set.
SeqZero
A TCP packet with a sequence
number of zero.
AckZero
A TCP packet with an
acknowledgement number of zero
and the ACK bit set.
TCPOptLen
A TCP packet with a TCP options
length of less than two or where the
TCP options length is greater than
the TCP header length.
UDPLen
An UDP packet with a UDP header
length of less than 8 bytes or where
the IP data length is less than the
UDP header length.
608
Table 50: DoS Attacks Detected by Alteon
Action
Alteon checks for TCP packets with all of the
control bits set, and drops any matching
packets.
Alteon checks for TCP packets with only the
FIN bit set, and drops any matching packets.
Alteon checks for TCP packets with only the
URG, PUSH, URG|FIN, PSH|FIN, or URG|PSH
bits set and drops any matching packets.
Alteon checks for any TCP packets where the
sequence number is zero and the FIN, URG,
and PSH bits are set, and drops any
matching packets.
Alteon checks for TCP packets with the SYN
and FIN bits set, and drops any matching
packets.
Alteon checks for an abnormal control bit
combination, and drops any matching
packets.
Alteon checks for TCP packets with the SYN
bit set and that also has a payload, and
drops any matching packets.
Alteon checks for TCP packets with the SYN
and more fragments bits set, and drops any
matching packets.
Alteon checks for TCP packets with a source
port of 20, a destination port of less than
1024, and the SYN bit set, and drops any
matching packets.
Alteon checks for TCP packets with a source
port of 53, a destination port of less than
1024, and the SYN bit set and drops any
matching packets.
Alteon checks for TCP packets with a
sequence number of zero, and drops any
matching packets.
Alteon checks for TCP packets with an
acknowledgement number of zero and the
ACK bit set, and drops any matching packets.
Alteon checks for TCP packets with a TCP
options length of less than two or where the
TCP options length is greater than the TCP
header length, and drops any matching
packets.
Alteon checks for UDP packets with a UDP
header length of less than 8 bytes or where
the IP data length is less than the UDP
header length, and drops any matching
packets.
Document ID: RDWR-ALOS-V2900_AG1302
- Quick Links:
- Part 1-Basic Features
Hide quick links:
Advertisement
Table of Contents
