ZyXEL Vantage CNM User Guide - Page 177
Chapter 6 Device Security Settings

To see signatures for a specific intrusion type, select that type from the Attack Type list box.

Figure 70 Device Operation > Device Configuration > Security > IDP > Signature > Attack Types

The following table describes each attack type.

Table 62 Device Operation > Device Configuration > Security > IDP > Signature > Attack Types

| TYPE | DESCRIPTION |
|---|---|
| DDoS | The goal of Denial of Service (DoS) attacks is not to steal information, but to disable a device or network on the Internet. A distributed denial-of-service (DDoS) attack is one in which multiple compromised systems attack a single target, thereby causing denial of service for users of the targeted system. |
| BufferOverflow | A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. The excess information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Intruders could run code in the overflow buffer region to obtain control of the system, install a backdoor or use the victim to launch attacks on other devices. |
| AccessControl | Access control refers to procedures and controls that limit or detect access. Access control is typically used to control user access to network resources such as servers, directories, and files. |
| Scan | Scan refers to all port, IP or vulnerability scans. Hackers scan ports to find targets. They may use a TCP connect() call, SYN scanning (half-open scanning), Nmap etc. After a target has been found, a vulnerability scanner can be used to exploit exposures. |
| TrojanHorse | A Trojan horse is a harmful program that's hidden inside apparently harmless programs or data. It could be used to steal information or remotely control a device. |
| Other | This category refers to signatures for attacks that do not fall into the previously mentioned categories. |
| P2P | Peer-to-peer (P2P) is where computing devices link directly to each other and can directly initiate communication with each other; they do not need an intermediary. A device can be both the client and the server. In the device, P2P refers to peer-to-peer applications such as eMule, eDonkey, BitTorrent, iMesh etc. |