PAMSPAN501x G.SHDSL.bis EFM Gateway
-
80
WinNuke Attack
The attacker sends invalid TCP packets which disable networking on many
Microsoft Windows 95 and Windows NT machines. The exploit sent a string of
OOB (out of band) data to the target computer on TCP port 139 (NETBIOS),
causing it to lock up and display a Blue Screen of Death. This did not cause any
damage to, or change data on, the computer's hard disk, but any unsaved data
would be lost.
NetBIOS is often used. Traffic originating from the attacker is
blocked for 1800 seconds by default. To modify this default duration, enter:
security set IDS DOSattackblock <duration>
Echo Chargen
A chargen attack exploits character generator (chargen) service (UDP port 19).
Sessions that appear to come from the local system’s Echo service are spoofed
and pointed at the chargen service to create an endless loop of high volume traffic
that will slow your network down. Traffic originating from the attacker is blocked for
1800 seconds by default. To modify this default duration, enter:
security set IDS DOSattackblock <duration>