Trojan Horse Attacks
177
Port Scanning
Port Scanning is the testing of ports to see which are active and which are
disabled. Although ports are scanned as part of normal traffic the
scanning of many ports in a short period of time is a common precursor
to an attack
Firewall Response:
None - the Firewall will allow
port scanning
but
will log all port scans to aid diagnosis. Ports not in use will be disabled by
the Firewall.
IP Spoofing
IP Spoofing
is a method of masking the identity of an intrusion by making
it appear that the traffic came from a different computer. This is used by
intruders to keep their anonymity and can be used in a
Denial of Service
attack.
Firewall Response:
The Firewall will drop any spoofed packets log the
event and alert the administrator.
Trojan Horse
Attacks
Trojan Horse
attacks rely on a piece of software installed within your
network prior to the attack. Attacks vary in severity and effect from
showing messages on screen or crashing an individual PC to theft of
information and infiltration of the network.
The
Firewall
blocks attacks in two ways:
■
Known
Trojan Horse
attacks are identified and blocked.
■
Ports not in use are blocked by default.
Trojan Horse
attacks that the firewall is capable of blocking include:
Back Orifice, ini killer,
NetBus
,
NetSpy
,
Priority
,
Ripper
,
Senna Spy
,
Striker,
and
SubSeven
.
Using an anti-virus tool and updating the firmware of your Firewall as
soon as a new version is available will significantly increase your chance
of resisting a Trojan Horse attack.
DUA1611-0AAA02.book Page 177 Thursday, August 2, 2001 4:01 PM
Содержание 3C16111 - SuperStack 3 Firewall Web Site Filter
Страница 18: ...18 DUA1611 0AAA02 book Page 18 Thursday August 2 2001 4 01 PM ...
Страница 50: ...50 DUA1611 0AAA02 book Page 50 Thursday August 2 2001 4 01 PM ...
Страница 96: ...96 CHAPTER 6 USING THE FIREWALL DIAGNOSTIC TOOLS DUA1611 0AAA02 book Page 96 Thursday August 2 2001 4 01 PM ...
Страница 122: ...122 CHAPTER 8 ADVANCED SETTINGS DUA1611 0AAA02 book Page 122 Thursday August 2 2001 4 01 PM ...
Страница 150: ...150 CHAPTER 10 CONFIGURING HIGH AVAILABILITY DUA1611 0AAA02 book Page 150 Thursday August 2 2001 4 01 PM ...
Страница 152: ...152 DUA1611 0AAA02 book Page 152 Thursday August 2 2001 4 01 PM ...
Страница 166: ...166 CHAPTER 11 ADMINISTRATION AND ADVANCED OPERATIONS DUA1611 0AAA02 book Page 166 Thursday August 2 2001 4 01 PM ...
Страница 174: ...174 DUA1611 0AAA02 book Page 174 Thursday August 2 2001 4 01 PM ...
Страница 178: ...178 CHAPTER 13 TYPES OF ATTACK AND FIREWALL DEFENCES DUA1611 0AAA02 book Page 178 Thursday August 2 2001 4 01 PM ...
Страница 190: ...190 CHAPTER 14 NETWORKING CONCEPTS DUA1611 0AAA02 book Page 190 Thursday August 2 2001 4 01 PM ...
Страница 192: ...192 DUA1611 0AAA02 book Page 192 Thursday August 2 2001 4 01 PM ...
Страница 206: ...206 APPENDIX D TECHNICAL SUPPORT DUA1611 0AAA02 book Page 206 Thursday August 2 2001 4 01 PM ...
Страница 212: ...212 INDEX DUA1611 0AAA02 book Page 212 Thursday August 2 2001 4 01 PM ...
Страница 214: ...DUA1611 0AAA02 book Page 214 Thursday August 2 2001 4 01 PM ...