Types Of Dos Attacks; Table 7-1 Common Ip Ports - ZyXEL Communications ZyXEL ZyWALL 50 User Manual

ZyWALL 50 Internet Security Gateway
for use over a single port, such as Web on port 80, other ports are also active. If the person configuring or
managing the computer is not careful, a hacker could attack it over an unprotected port.
Some of the most common IP ports are:
21
23
25

7.4.2 Types of DoS Attacks

There are four types of DoS attacks:
1. Those that exploit bugs in a TCP/IP implementation.
2. Those that exploit weaknesses in the TCP/IP specification.
3. Brute-force attacks that flood a network with useless data.
4. IP Spoofing.
1. "Ping of Death" and "Teardrop" attacks exploit bugs in the TCP/IP implementations of various
computer and host systems.
1-a Ping of Death uses a "ping" utility to create an IP packet that exceeds the maximum 65,536
bytes of data allowed by the IP specification. The oversize packet is then sent to an unsuspecting
system. Systems may crash, hang or reboot.
1-b Teardrop attack exploits weaknesses in the reassembly of IP packet fragments. As data is
transmitted through a network, IP packets are often broken up into smaller chunks. Each fragment
looks like the original IP packet except that it contains an offset field that says, for instance, "This
fragment is carrying bytes 200 through 400 of the original (non fragmented) IP packet." The
Teardrop program creates a series of IP fragments with overlapping offset fields. When these
fragments are reassembled at the destination, some systems will crash, hang, or reboot.
2. Weaknesses in the TCP/IP specification leave it open to "SYN Flood" and "LAND" attacks. These
attacks are executed during the handshake that initiates a communication session between two
applications.
7-4

Table 7-1 Common IP Ports

FTP 53
Telnet 80
SMTP 110
DNS
HTTP
POP3
Firewalls