Symbol Technologies WS 2000 Switch User Manual


 
WAN Configuration 4-5
Blocking these types of attacks would also block legitimate traffic on their network (although this scenario is highly
unlikely.
Click the Apply button to save changes made on this screen.
SYN Flood Attack Check A SYN flood attack requests a connection and then fails to promptly acknowl-
edge a destination host’s response, leaving the destination host vulnerable to
a flood of connection requests.
Source Routing Check A source routing attack specifies an exact route for a packet’s travel through a
network, while exploiting the use of an intermediate host to gain access to a
private host.
Winnuke Attack Check A “Win-nuking” attack uses the IP address of a destination host to send junk
packets to its receiving port. This attack is a type of denial of service (DOS)
attack that completely disables networking on systems Microsoft Windows
95 and NT. Because this attack is only affective on older systems, it may not
be necessary to enable this feature on a LAN with newer Microsoft Windows
operating systems or with systems that have the appropriate “Winnuke”
patches loaded.
FTP Bounce Attack Check An FTP bounce attack uses the PORT command in FTP mode to gain access to
arbitrary ports on machines other than the originating client.
IP Unaligned Timestamp Check An IP unaligned timestamp attack uses a frame with the IP timestamp option,
where the timestamp is not aligned on a 32-bit boundary.
Sequence Number Prediction
Check
A sequence number prediction attack establishes a three-way TCP connection
with a forged source address, and the attacker guesses the sequence number
of the destination host’s response.
Mime Flood Attack Check A MIME flood attack uses an improperly formatted MIME header in “send-
mail” to cause a buffer overflow on the destination host.
Use the Max Header Length field to set the maximum allowable header
length. Set this value to be at least 256 bytes.
Use the Max Headers field to set the maximum number of headers allowed.
Set this value to be at least 12.