NetComm G.SHDSL 4-port Security Modem Routers NB712 User Manual page 11

G.hdsl 4-port moddem router

Hide thumbs Also See for G.SHDSL 4-port Security Modem Routers NB712:

Specifications (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

page of 117

/ 117
Contents
Table of Contents
Bookmarks

Table of Contents

Ping of death

SYN Flood

ICMP Flood

UDP Flood

Land attack

Smurf attack

Fraggle Attack

IP Spooﬁng

NB712 / NB714 User Guide

YML829 Rev1

On the Internet, ping of death is a kind of denial of service

(DoS) attack caused by an attacker deliberately sending an

IP packet larger than the 65,536 bytes allowed by the IP

protocol. One of the features of TCP/IP is fragmentation; it

allows a single IP packet to be broken down into smaller

segments. Attackers began to take advantage of that feature

when they found that a packet broken down into fragments

could add up to more than the allowed 65,536 bytes.

Many operating systems didn't know what to do when they

received an oversized packet, so they froze, crashed, or

rebooted. Other known variants of the ping of death include

teardrop, bonk and nestea.

The attacker sends TCP connections faster than the

victim machine can process them, causing it to run out

of resources and dropping legitimate connections. A new

defence against this is to create "SYN cookies". Each side

of a connection has its own sequence number. In response

to a SYN, the attacked machine creates a special sequence

number that is a "cookie" of the connection and forgets

everything it knows about the connection. It can then

recreate the forgotten information about the connection

where the next packets come in from a legitimate

connection.

The attacker transmits a volume of ICMP request packets to

cause all CPU resources to be consumed serving the phony

requests.

The attacker transmits a volume of requests for UDP

diagnostic services which cause all CPU resources to be

consumed serving the phony requests.

The attacker attempts to slow your network down by sending

a packet with identical source and destination addresses

originating from your network.

Where the source address of a broadcast ping is forged so

that a huge number of machines respond back to the victim

indicated by the address, thereby overloading it.

A perpetrator sends a large amount of UDP echo packets

at IP broadcast addresses, all of it having a spoofed source

address of a victim.

IP Spooﬁng is a method of masking the identity of an

intrusion by making it appear that the trafﬁc came from a

different computer. This is used by intruders to keep their

anonymity and can be used in a Denial of Service attack.

Table of Contents

Need help?

Do you have a question about the G.SHDSL 4-port Security Modem Routers NB712 and is the answer not in the manual?

Questions and answers

Related Products for NetComm G.SHDSL 4-port Security Modem Routers NB712

This manual is also suitable for:

Nb712 Nb714

NetComm G.SHDSL 4-port Security Modem Routers NB712 User Manual page 11

Need help?

Questions and answers

Related Manuals for NetComm G.SHDSL 4-port Security Modem Routers NB712

Related Products for NetComm G.SHDSL 4-port Security Modem Routers NB712

This manual is also suitable for:

Table of Contents