Configurable firewall filters, Syn flood attack check, Source routing check – Symbol Technologies WS 2000 User Manual

Page 53: Winnuke attack check, Ftp bounce attack check, Ip unaligned timestamp check, Sequence number prediction check


Gateway—How to Configure the WS 2000 Firewall

Configurable Firewall Filters

The administrator can enable or disable the following filters. By default, all these filters
are activated. It is reasonable to turn off the filters if one of the following things is true:

• The switch is on a completely isolated network with no access to the Internet and is
therefore secure.

• The switch is heavily loaded and a slight increase in performance outweighs the safety of
the network.

• Blocking these types of attacks would also block legitimate traffic on their network
(although this scenario is highly unlikely).

SYN Flood Attack Check

A SYN flood attack requests a connection and then fails to promptly acknowledge a
destination host’s response, leaving the destination host vulnerable to a flood of connection
requests.

Source Routing Check

A source routing attack specifies an exact route for a packet’s travel through a network,
while exploiting the use of an intermediate host to gain access to a private host.

Winnuke Attack Check

A “Win-nuking” attack uses the IP address of a destination host to send junk packets to its
receiving port. This attack is a type of denial of service (DoS) attack that completely
disables networking on systems running Microsoft Windows 95 and NT. Because this attack is only
effective on older systems, it may not be necessary to enable this feature on a LAN with
newer Microsoft Windows operating systems or with systems that have the appropriate
“Winnuke” patches loaded.

FTP Bounce Attack Check

An FTP bounce attack uses the PORT command in FTP mode to gain access to arbitrary
ports on machines other than the originating client.

IP Unaligned Timestamp Check

An IP unaligned timestamp attack uses a frame with the IP timestamp option, where the
timestamp is not aligned on a 32-bit boundary.
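
The check described above, as an added example that is not from the manual and is not the WS 2000's own implementation: a Python routine that walks the IPv4 options and flags a timestamp option (type 68 in RFC 791) whose pointer is off a 32-bit boundary. The function names, verdict strings and sample packets are constructed for illustration.

```python
IPOPT_EOL, IPOPT_NOP, IPOPT_TS = 0, 1, 68   # option types defined in RFC 791

def timestamp_option_verdict(packet: bytes) -> str:
    """Classify a raw IPv4 packet as 'ok', 'unaligned' or 'malformed'."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "malformed"
    ihl = (packet[0] & 0x0F) * 4            # header length in bytes
    if ihl < 20 or ihl > len(packet):
        return "malformed"
    opts, i = packet[20:ihl], 0
    while i < len(opts):
        kind = opts[i]
        if kind == IPOPT_EOL:               # end of option list
            break
        if kind == IPOPT_NOP:               # single-byte padding option
            i += 1
            continue
        if i + 1 >= len(opts):              # no room for a length byte
            return "malformed"
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            return "malformed"
        if kind == IPOPT_TS:
            if length < 4:                  # type, length, pointer, oflw/flag
                return "malformed"
            pointer = opts[i + 2]
            # RFC 791: pointer is 1-based, smallest legal value 5, and may be
            # at most length + 1 (timestamp area full).
            if pointer < 5 or pointer > length + 1:
                return "malformed"
            # Slots are 4 octets wide, so a legal pointer is 5, 9, 13, ...
            if (pointer - 5) % 4:
                return "unaligned"
        i += length
    return "ok"

def build_packet(options: bytes = b"") -> bytes:
    """Constructed sample: minimal IPv4 header (checksum left at 0) plus options."""
    options += b"\x00" * (-len(options) % 4)      # pad options to 32 bits
    ihl = (20 + len(options)) // 4
    header = bytes([0x40 | ihl, 0]) + (20 + len(options)).to_bytes(2, "big")
    header += bytes([0, 0, 0, 0, 64, 6, 0, 0])    # id, frag, TTL, TCP, checksum
    header += bytes([192, 0, 2, 1, 192, 0, 2, 2]) # documentation addresses
    return header + options

ALIGNED = build_packet(bytes([68, 12, 5, 0]) + bytes(8))    # pointer = 5
UNALIGNED = build_packet(bytes([68, 12, 6, 0]) + bytes(8))  # pointer = 6
TRUNCATED = build_packet(bytes([68, 40, 5, 0]) + bytes(8))  # length overruns header
```
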

Sequence Number Prediction Check

A sequence number prediction attack establishes a three-way TCP connection with a forged
source address, and the attacker guesses the sequence number of the destination host’s
response.

Copyright © 2004 Symbol Technologies, Inc. All Rights Reserved


WS 2000 Wireless Switch: 1.0 Date of last Revision: March 2004
