Billion Electric Company BiPAC 8501/8521 User Manual
Page 95
Billion BiPAC 8500/8501/8520/8521 SHDSL (VPN) Firewall Bridge/ Router
Chapter 4: Configuration
91
(PING).
For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event Log.
It cannot protect against such attacks. Table 2: Types of Hacker attack recognized by the IDS.
1
Detect
Parameter
Blacklist
Type of
Block
Duration
Drop
Packet
Show Log
Ascend Kill
Ascend Kill data Src IP
DoS
Yes
Yes
WinNuke
TCP
Port 135,
137~139, Flag:
URG
Src IP
DoS
Yes
Yes
Smurf
ICMP type 8
Des IP is
broadcast
Dst IP
Victim
Protection
Yes
Yes
Land attack
SrcIP = DstIP
Yes
Yes
Echo/CharGen
Scan
UDP Echo Port
and CharGen
Port
Yes
Yes
Echo Scan
UDP Dst Port =
Echo(7)
Src IP
Scan
Yes
Yes
CharGen Scan
UDP Dst Port =
CharGen(19)
Src IP
Scan
Yes
Yes
X’mas Tree Scan
TCP Flag:
X’mas
Src IP
Scan
Yes
Yes
IMAP
SYN/FIN Scan
TCP Flag:
SYN/FIN
DstPort:
IMAP(143)
SrcPort: 0 or
65535
Src IP
Scan
Yes
Yes
SYN/FIN/RST/ACK
Scan
TCP,
No Existing
session And
Scan Hosts
more than five.
Src IP
Scan
Yes
Yes
Net Bus Scan
TCP
No Existing
session
DstPort = Net
Bus
12345,12346,
3456
SrcIP
Scan
Yes
Yes
Back Orifice Scan
UDP, DstPort =
Orifice Port
(31337)
SrcIP
Scan
Yes
Yes
SYN Flood
Max TCP Open
Handshaking
Count (Default
100 c/sec)
Yes