Manuals / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications 2602H-6XC manual What is Land attack?, What is Brute-force attack?

Models: 2602H-6XC

1 159
Download 159 pages 63.33 Kb
Page 120
Image 120

Prestige 2602H-6xC Support Notes

SYN-ACK, it queues up all outstanding SYN-ACK responses on what is known as a backlog queue. SYN-ACKs are moved off the queue only when an ACK comes back or when an internal timer (which is set a relatively long intervals) terminates the TCP three-way handshake. Once the queue is full , the system will ignore all incoming SYN requests, making the system unavailable for legitimate users.

What is LAND attack?

In a LAN attack, hackers flood SYN packets to the network with a spoofed source IP address of the targeted system. This makes it appear as if the host computer sent the packets to itself, making the system unavailable while the target system tries to respond to itself.

What is Brute-force attack?

A Brute-force attack, such as 'Smurf' attack, targets a feature in the IP specification known as directed or subnet broadcasting, to quickly flood the target network with useless data. A Smurf hacker flood a destination IP address of each packet is the broadcast address of the network, the router will broadcast the ICMP echo request packet to all hosts on the network. If there are numerous hosts, this will create a large amount of ICMP echo request packet, the resulting ICMP traffic will not only clog up the 'intermediary' network, but will also congest the network of the spoofed source IP address, known as the 'victim' network. This flood of broadcast traffic consumes all available bandwidth, making communications impossible.

What is IP Spoofing attack?

Many DoS attacks also use IP Spoofing as part of their attack. IP Spoofing may be used to break into systems, to hide the hacker's identity, or to magnify the effect of the DoS attack. IP Spoofing is a technique used to gain unauthorized access to computers by tricking a router or firewall into thinking that the communications are coming from within the trusted network. To engage in IP Spoofing, a hacker must modify the packet headers so that it appears that the packets originate from a trusted host and should be allowed through the router or firewall.

What are the default ACL firewall rules in Prestige?

There are two default ACLs pre-configured in the Prestige, one allows all connections from LAN to WAN and the other blocks all connections from WAN to LAN except of the DHCP packets.

120

All contents copyright (c) 2005 ZyXEL Communications Corporation.

Page 119 Page 121
Page 120
Image 120
ZyXEL Communications 2602H-6XC manual What is Land attack?, What is Brute-force attack?, What is IP Spoofing attack?
Page 119 Page 121