Billion 800VGT Router
Table 2: Hacker attack types recognized by the IDS

| Intrusion Name | Detect Parameter | Blacklist | Type of Block Duration | Drop Packet | Show Log |
|---|---|---|---|---|---|
| Ascend Kill | Ascend Kill data | Src IP | DoS | Yes | Yes |
| WinNuke | TCP Port 135, 137~139, Flag: URG | Src IP | DoS | Yes | Yes |
| Smurf | ICMP type 8, Dst IP is broadcast | Dst IP | Victim Protection | Yes | Yes |
| Land attack | SrcIP = DstIP | | | Yes | Yes |
| Echo/CharGen Scan | UDP Echo Port and CharGen Port | | | Yes | Yes |
| Echo Scan | UDP Dst Port = Echo(7) | Src IP | Scan | Yes | Yes |
| CharGen Scan | UDP Dst Port = CharGen(19) | Src IP | Scan | Yes | Yes |
| X’mas Tree Scan | TCP Flag: X’mas | Src IP | Scan | Yes | Yes |
| IMAP SYN/FIN Scan | TCP Flag: SYN/FIN, DstPort: IMAP(143), SrcPort: 0 or 65535 | Src IP | Scan | Yes | Yes |
| SYN/FIN/RST/ACK Scan | TCP, No Existing session And Scan Hosts more than five. | Src IP | Scan | Yes | Yes |
| Net Bus Scan | TCP, No Existing session, DstPort = Net Bus 12345, 12346, 3456 | Src IP | Scan | Yes | Yes |
| Back Orifice Scan | UDP, DstPort = Orifice Port (31337) | Src IP | Scan | Yes | Yes |
| SYN Flood | Max TCP Open Handshaking Count (Default 100 c/sec) | | | | Yes |
| ICMP Flood | Max ICMP Count (Default 100 c/sec) | | | | Yes |
| ICMP Echo | Max PING Count (Default 15 c/sec) | | | | Yes |

Src IP: Source IP
Src Port: Source Port
Dst Port: Destination Port
Dst IP: Destination IP
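
The stateless rows of Table 2 can be read as per-packet header rules. The sketch below is an added example, not code from the router or its manual; it returns the intrusion name with the Blacklist and Type columns for one packet. Assumptions: the `pkt` dictionary layout, the `lan` parameter used to find the broadcast address, and FIN+PSH+URG as the meaning of the "X'mas" flag set (the table does not define it). Rate-based and multi-host rows (the floods, SYN/FIN/RST/ACK Scan) and the Ascend Kill payload match are left out.

```python
from ipaddress import ip_address, ip_network

FIN, SYN, PSH, URG = 0x01, 0x02, 0x08, 0x20      # TCP flag bits
XMAS = FIN | PSH | URG        # assumption: Table 2 does not define "X'mas"
NETBUS_PORTS = {12345, 12346, 3456}              # ports as printed in Table 2
UDP_SCANS = {7: "Echo Scan", 19: "CharGen Scan", 31337: "Back Orifice Scan"}

def classify(pkt, lan="192.168.1.0/24"):
    """Match one packet header against the stateless rows of Table 2.

    pkt is a dict (assumed layout): proto, src, dst, plus sport/dport/flags
    for TCP and UDP, icmp_type for ICMP, and new_session (True when the
    packet belongs to no existing session).
    Returns (intrusion name, blacklisted field, block type) or None.
    """
    proto, flags = pkt["proto"], pkt.get("flags", 0)
    dport = pkt.get("dport", -1)
    if pkt["src"] == pkt["dst"]:
        return ("Land attack", None, None)       # no blacklist entry in table
    if proto == "icmp":
        bcast = ip_network(lan).broadcast_address
        if pkt.get("icmp_type") == 8 and ip_address(pkt["dst"]) == bcast:
            return ("Smurf", "Dst IP", "Victim Protection")
    elif proto == "udp" and dport in UDP_SCANS:
        return (UDP_SCANS[dport], "Src IP", "Scan")
    elif proto == "tcp":
        if (flags & URG) and dport in (135, 137, 138, 139):
            return ("WinNuke", "Src IP", "DoS")
        if (flags & XMAS) == XMAS:
            return ("X'mas Tree Scan", "Src IP", "Scan")
        if ((flags & (SYN | FIN)) == (SYN | FIN) and dport == 143
                and pkt.get("sport") in (0, 65535)):
            return ("IMAP SYN/FIN Scan", "Src IP", "Scan")
        if pkt.get("new_session") and dport in NETBUS_PORTS:
            return ("Net Bus Scan", "Src IP", "Scan")
    return None

SAMPLES = [  # constructed packet headers, not captured traffic
    {"proto": "tcp", "src": "203.0.113.5", "dst": "192.168.1.10",
     "sport": 4000, "dport": 139, "flags": URG},
    {"proto": "icmp", "src": "192.168.1.10", "dst": "192.168.1.255",
     "icmp_type": 8},
    {"proto": "tcp", "src": "203.0.113.5", "dst": "192.168.1.10",
     "sport": 51000, "dport": 443, "flags": SYN, "new_session": True},
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p["src"], "->", p["dst"], classify(p))
```

Note the Smurf row: the blacklisted field is the destination, because the source address of a Smurf echo request is the spoofed victim.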

Chapter 4: Configuration