ZyXEL P-660HW-T1 v2 User Guide - Page 140
Types of DoS Attacks - exploit
View all ZyXEL P-660HW-T1 v2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 140 highlights
P-660HW-T v2 User's Guide Some of the most common IP ports are: Table 48 Common IP Ports 21 FTP 53 23 Telnet 80 25 SMTP 110 DNS HTTP POP3 9.4.2 Types of DoS Attacks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification. 3 Brute-force attacks that flood a network with useless data. 4 IP Spoofing. 5 "Ping of Death" and "Teardrop" attacks exploit bugs in the TCP/IP implementations of various computer and host systems. • Ping of Death uses a "ping" utility to create an IP packet that exceeds the maximum 65,536 bytes of data allowed by the IP specification. The oversize packet is then sent to an unsuspecting system. Systems may crash, hang or reboot. • Teardrop attack exploits weaknesses in the re-assembly of IP packet fragments. As data is transmitted through a network, IP packets are often broken up into smaller chunks. Each fragment looks like the original IP packet except that it contains an offset field that says, for instance, "This fragment is carrying bytes 200 through 400 of the original (non fragmented) IP packet." The Teardrop program creates a series of IP fragments with overlapping offset fields. When these fragments are reassembled at the destination, some systems will crash, hang, or reboot. 6 Weaknesses in the TCP/IP specification leave it open to "SYN Flood" and "LAND" attacks. These attacks are executed during the handshake that initiates a communication session between two applications. Figure 79 Three-Way Handshake 140 Chapter 9 Firewalls