Port-attack – Amer Networks WLO220T CLI User Manual

. . . . .

C O M M A N D D E S C R I P T I O N S

policy

CLI Reference Guide

63

port-attack

set policy global port-attack { ... }

set policy global port-attack all

set policy global port-attack winnuke

unset policy global port-attack all

port-attack

Enables or disables port attacks.

[NOTE]

Small-servers block TCP and UDP on the following ports: 7,9,11,13,17,19, which

correspond to the TCP & UDP 'small servers' echo (7), discard (9), systat (11), daytime (13),
qotd (17), chargen (19). These servers are very rarely used for any legitimate purpose other
than for testing. These servers are typically disabled by default on most modern TCP/IP hosts,
but are sometimes they are used as the destination (and/or source) for attacks, especially
attacks designed to start a packet storm on a target network.



back-orifice is a Trojan Horse attack that, once executed on a remote computer, will

allow an attacker to perform illicit activities such as capturing screenshots or keyboard
commands, performing file transfers, or installing applications. Back Orifice
communicates over TCP and UDP port 31337.



senna-spy is a Trojan Horse attack that allows an attacker to perform illicit activities

on a remote computer communicating over UDP port 13000.



small-servers block TCP and UDP on the following ports: 7,9,11,13,17,19, which

correspond to the following TCP & UDP 'small servers' echo (7), discard (9), systat
(11), daytime (13), qotd (17), chargen (19). These servers are very rarely used for
any legitimate purpose other than for testing, and are typically disabled by default on
most modern TCP/IP hosts, but are sometimes used as the destination (and/or source)
for attacks, especially attacks designed to start a packet storm on a target network.



ini-killer is a Trojan Horse attack that allows an attacker to destroy .ini files on a remote

computer communicating over TCP port 9989.



netbus is a Trojan Horse attack for Windows 95/98/NT that, once executed on a

remote computer, will allow an attacker to perform illicit activities such as opening and
closing the CD-ROM, starting applications, showing different messages or even
redirecting a web browser to a specific URL on the Internet



netspy is a Trojan Horse attack that allows an attacker to perform illicit activities on a

remote computer communicating over TCP port 1024.



priority is a Trojan Horse attack that allows an attacker to perform illicit activities on a
remote computer communicating over TCP port 16969.



ripper is a Trojan Horse attack that allows an attacker to steal passwords from a

remote computer communicating over TCP port 2023.



striker is a Trojan Horse attack that allows an attacker to crash remote Windows PC’s

communicating over TCP port 2565.



sub-seven is a Trojan Horse attack that allows an attacker to perform illicit activities

on a remote computer communicating over TCP ports 6667, 6711 and 27374. This
Trojan is particularly dangerous and can send an IRC chat message to notify the hacker
that the system is up and running.