Page tree
Skip to end of metadata
Go to start of metadata

UDP Threats

  •  UDP Short Header
  • UDP Flood
  • UDP spoofed  boradcast  echo (Fraggle Attack)
  •  UDP attack  on  diag ports (Pepsi Attack)

RTP Threats

  • RTP rogue packets (after-call)
  • RTP flooding during call
  • RTP flooding attacks
  • RTP spoofing

SIP Threats

  • SDP malformed contents (Protos Test)
  • SIP malformed packet
  • SIP request message flood attack
  •   SIP response message flood attack
  • SIP Invite spoof
  • SIP Register spoof
  • SIP Registerfloodattack
  • SIP request spoof
  • SIP response spoof
  • SIP end-callattack

IP Threat

  • Unknown Protocol
  • ARP Flood (Poink Attack)
  • IP Stream Option
  • IP Spoofing
  • IP Source Route Option, Strict
  • IP Source Route Option, Loose
  • IP Short Header
  • IP Malformed Packet
  • IP bad Option
  • IP address Session Limit
  • Fragments – too many
  • Fragments, Large – Offset
  • Fragments – Storm
  • Fragments – Same Offset
  • Fragments – Reassembly w/different offsets (tear drop)
  • Fragments – Reassembly w/different offsets and padding (new tear attack)
  • Fragments – Reassembly w/different offsets and oversize (Bonk/Boink attack)
  • Fragments – Reassembly off by one IP header (Nestea attack)
  • Fragments – flood initial fragment only (Rose Attack)
  • Fragments – Deny

ICMP Threat

  • ICMP Source quench
  • ICMP mask request
  • ICMP large packet(>1472)
  • ICMP oversized packet(>65536) – ping of death/ssping attack)
  • ICMP info request
  • ICMP incompatible fragment (jolt attack)
  • ICMP flood
  • ICMP broadcast with spoofed source (Smurf/Pong attack)
  • ICMP error  packets flood (Trash attack)
  • ICMP spoofed unreachable (Click attack)
  • ICMP spoofed unreachable flood (smack/bloop/puke attack)

TCP Threat

  • TCP Packets without flag
  • TCP packets, oversized
  • TCP FIN bit with no ACK bit
  • TCP packet with URG/OOB flag (nuke attack)
  • TCP SYN fragments – reassembly with overlap (syndrop attack)
  • SYN fragment
  • SYN attack w/ip spoofing (land attack)
  • SYN attack (syn flood)
  • SYN and FIN bits set
  • Scan attack– TCP port
  • No labels