NetComm NB712 manual: Ping of death, SYN Flood, ICMP Flood, UDP Flood, Land attack, Smurf attack


Ping of death

On the Internet, ping of death is a kind of denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the 65,536 bytes allowed by the IP protocol. One of the features of TCP/IP is fragmentation; it allows a single IP packet to be broken down into smaller segments. Attackers began to take advantage of that feature when they found that a packet broken down into fragments could add up to more than the allowed 65,536 bytes. Many operating systems didn’t know what to do when they received an oversized packet, so they froze, crashed, or rebooted. Other known variants of the ping of death include teardrop, bonk and nestea.

SYN Flood

The attacker sends TCP connection requests faster than the victim machine can process them, causing it to run out of resources and drop legitimate connections. A new defence against this is to create “SYN cookies”. Each side of a connection has its own sequence number. In response to a SYN, the attacked machine creates a special sequence number that is a “cookie” of the connection and forgets everything it knows about the connection. It can then recreate the forgotten information about the connection when the next packets come in from a legitimate connection.
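The SYN cookie mechanism described above, as an added Python sketch that is not taken from the NB712 firmware or this manual. The key, the MSS table, the 64-second time slot and the 5/3/24-bit field layout are assumptions chosen for illustration, and the addresses are constructed sample values.

```python
import hashlib
import hmac
import socket
import struct

SECRET = b"constructed-demo-key"     # assumption: a real stack uses a random per-boot key
MSS_TABLE = (536, 1220, 1440, 1460)  # only the 3-bit index into this table is kept
SLOT = 64                            # seconds per step of the time counter
MAX_AGE = 2                          # accept cookies from the current or previous slot

def _mac24(src, sport, dst, dport, client_isn, counter):
    """24-bit keyed hash over the 4-tuple, the client's ISN and the time counter."""
    msg = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack(
        "!HHII", sport, dport, client_isn, counter)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")

def make_cookie(src, sport, dst, dport, client_isn, client_mss, now):
    """Server sequence number for the SYN-ACK; no per-connection state is stored."""
    counter = now // SLOT
    idx = max((i for i, m in enumerate(MSS_TABLE) if m <= client_mss), default=0)
    return ((counter % 32) << 27) | (idx << 24) | _mac24(
        src, sport, dst, dport, client_isn, counter)

def check_cookie(src, sport, dst, dport, seq, ack, now):
    """Validate the handshake's final ACK; return the recovered MSS or None (drop)."""
    cookie = (ack - 1) & 0xFFFFFFFF       # the client acknowledges cookie + 1
    client_isn = (seq - 1) & 0xFFFFFFFF   # the client's SYN used seq - 1
    t, idx, mac = cookie >> 27, (cookie >> 24) & 0x7, cookie & 0xFFFFFF
    current = now // SLOT
    for counter in range(current, current - MAX_AGE, -1):
        if counter % 32 != t:
            continue                      # cookie was not issued in this slot
        expected = _mac24(src, sport, dst, dport, client_isn, counter)
        if mac == expected and idx < len(MSS_TABLE):
            return MSS_TABLE[idx]         # connection details rebuilt from the ACK
    return None

if __name__ == "__main__":
    # Constructed handshake: client 198.51.100.7:40000 -> server 192.0.2.1:80
    c = make_cookie("198.51.100.7", 40000, "192.0.2.1", 80, 1000, 1400, now=6400)
    print(check_cookie("198.51.100.7", 40000, "192.0.2.1", 80, 1001, c + 1, now=6430))
```

A spoofed SYN costs the server only one hash computation, because memory is committed only after `check_cookie` accepts the returning ACK.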

ICMP Flood

The attacker transmits a large volume of ICMP request packets to cause all CPU resources to be consumed serving the phony requests.

UDP Flood

The attacker transmits a large volume of requests for UDP diagnostic services, which causes all CPU resources to be consumed serving the phony requests.

Land attack

The attacker attempts to slow your network down by sending a packet with identical source and destination addresses originating from your network.
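A header-level drop check for two of the attacks described above, the ping of death fragment and the land packet, as an added Python example that is not taken from the NB712 firmware. The function names, reason strings and sample addresses are constructed for illustration; the size limit used is the largest value the 16-bit IPv4 Total Length field can hold.

```python
import socket
import struct

MAX_DATAGRAM = 65535          # largest size the 16-bit Total Length field can express
IPV4_FMT = "!BBHHHBBH4s4s"    # fixed 20-byte IPv4 header, no options

def build_header(src, dst, total_len, frag_units=0, more_frags=False):
    """Constructed sample input: a 20-byte ICMP/IPv4 header (checksum left at 0)."""
    flags_frag = (0x2000 if more_frags else 0) | (frag_units & 0x1FFF)
    return struct.pack(IPV4_FMT, 0x45, 0, total_len, 0x1234, flags_frag, 64, 1, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def inspect_header(header):
    """Return the reasons to drop this packet; an empty list means it passes."""
    if len(header) < 20:
        return ["truncated"]
    ver_ihl, _, total_len, _, flags_frag, _, _, _, src, dst = struct.unpack(
        IPV4_FMT, header[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        return ["malformed"]
    reasons = []
    frag_start = (flags_frag & 0x1FFF) * 8      # offset field counts 8-byte units
    frag_end = frag_start + (total_len - ihl)   # where this fragment's data would end
    if ihl + frag_end > MAX_DATAGRAM:
        # Reassembly would produce a datagram larger than any length field allows.
        reasons.append("oversized-reassembly")
    if src == dst:
        # Identical source and destination address: the land packet.
        reasons.append("land")
    return reasons

if __name__ == "__main__":
    samples = {
        "ordinary ping": build_header("192.0.2.10", "198.51.100.5", 84),
        "second fragment": build_header("192.0.2.10", "198.51.100.5", 1500, 185),
        "oversized tail": build_header("192.0.2.10", "198.51.100.5", 1500, 8189),
        "land": build_header("192.0.2.10", "192.0.2.10", 84),
    }
    for name, hdr in samples.items():
        print(f"{name:16} -> {inspect_header(hdr) or 'pass'}")
```

Checking each fragment on arrival means the oversized datagram is rejected before any reassembly buffer is written, which is the point at which the older operating systems mentioned above failed.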

Smurf attack

The source address of a broadcast ping is forged so that a huge number of machines respond back to the victim indicated by the address, thereby overloading it.

Fraggle Attack

A perpetrator sends a large number of UDP echo packets to IP broadcast addresses, all of them carrying the spoofed source address of a victim.

IP Spoofing

IP Spoofing is a method of masking the identity of an intrusion by making it appear that the traffic came from a different computer. Intruders use it to preserve their anonymity, and it can be used in a Denial of Service attack.

NB712 / NB714 User Guide, YML829 Rev1