McAfee Firewall
Attack | Description | Risk |
|
| Factor |
|
|
|
Newtear | A Denial of Service (DoS) attack that usually causes computers with a | High |
| Windows |
|
| usually harmful to the computer itself, data from running applications will |
|
| most certainly be lost. |
|
|
|
|
Oshare | A Denial of Service (DoS) attack caused by sending a unique packet | High |
| structure to your computer. The results of these attacks can vary from a |
|
| complete system crash, increased CPU load, or momentary delays, |
|
| depending upon your computer’s configuration. This will affect almost all |
|
| versions of Windows 98 and |
|
| based on the hardware involved. |
|
|
|
|
Ping Flood | This attack involves sending very large numbers of ICMP ECHO (PING) | High |
| requests to the host under attack. This attack is particularly effective when |
|
| the attacker has a faster network connection than the victim. |
|
|
|
|
Ping of Death | With this attack, a remote user can cause your system to reboot or panic | High |
| by sending it an oversized PING packet. This is done by sending a |
|
| fragmented packet larger than 65536 bytes in length, causing the remote |
|
| system to incorrectly process the packet. The result is that the remote |
|
| system will reboot or panic during processing. |
|
|
|
|
Port Scanning | While not an attack in and of itself, a port scan often indicates that an | Low |
| attacker has begun looking at your system for potential weaknesses. A |
|
| port scan consists of checking every TCP and/or UDP port to see what |
|
| services (and hence, what vulnerabilities) might be present. |
|
|
|
|
Saihyousen | The Saihyousen attack may cause some firewalls to crash. It is caused by | High |
| an attacker sending a stream of UDP packets. |
|
|
|
|
Smurf | This attack is carried out by sending an ICMP ECHO REQUEST (PING) | High |
| packet with a forged source address matching that of the target system. |
|
| This packet is sent to “amplifier” networks — networks that allow sending |
|
| packets to the broadcast address — so that every machine on the |
|
| amplifier network will respond to what they think is a legitimate request |
|
| from the target. As a result, the target system is flooded with ICMP ECHO |
|
| REPLY messages, causing a denial of service attack. |
|
|
|
|
SynDrop | Overlapping fragmented data sent by an attacker causes your computer to | High |
| become unstable and or crash. Unsaved data could be lost. |
|
|
|
|
Syn Flood | This attack can be used to completely disable your network services by | High |
| flooding them with connection requests. This will fill the queue which |
|
| maintains a list of unestablished incoming connections, forcing it to be |
|
| unable to accept additional connections. |
|
|
|
|
Teardrop | On vulnerable systems, it is possible to take advantage of a flaw in the | High |
| way the TCP/IP stack handles fragmented packet reassembly to consume |
|
| available memory resources. By sending a specially crafted IP datagram, |
|
| this attack can cause many operating systems to hang or reboot. |
|
|
|
|
Product Guide | 87 |
