150M Wireless-N AP/ Broadband Router
(iB-WRB150NE)
51
10.4 DoS
DoS Prevention will detect attempts and provent your network from
attacking.
Flooding - The attack flooding requests in a short time, and cause the
service is not available for leggal requests because of the server busy
handling invalid flooding requests. This is the most wide used attack.
ICMP Smurf - Broadcast ICMP Smurf and Unicast ICMP Smurf are
available. In the first attack, a broadcast ICMP echo request will be sent,
and the network may be blocked while all hosts of the network sending
replies. This attack may have no effect when little hosts availabe in the
network; In the second attack, victim's IP address is used as source IP
address when sending ICMP echo requests. The victim host whill reply the
echo request to itself, which may cause the system crash.
IP Land - The attacker sends a TCP SYn packet with both source and
destination addresses set to the victim's own IP address. The victim will
reply SYN-ACK with to itself and create a null connection. Lots of
connections will use up the memory.
IP Spoof - The attacker sends lots of packets with a non-existed source IP
address, which may cause the server has no time handling legal requests
while busy waiting for the responses from the non-existed IP address.
IP Tear Drop - The attacker constructs invalid packets, i.e packets which
incorrect ip fragment offsets, overlapped fragments, which will cause the
victim host network stack crash.
Ping Of Death - The attacker sends a large ICMP request (greater than
65535), and cuase the victim host network stack crash.
UDP Bomb - The attacker constructs UDP packets with invalid fields set,
and cause the victim host network stack crash.
EchoChargen - The attacker sends lots of Echo Chargen request, and
cause the victim host has no memory for new requests.