by nobody

Attack types used in IDS test

Nov 04, 2002 · 2 mins
Network Security

A look at the 28 attack types we used for our gigabit intrusion-detection systems test.

| Name | Type of Attack | Method |
|---|---|---|
| Back Orifice | Trojan horse | Remote control of Win PC |
| Fragrouter | Evasion of IDS | Packet fragmentation, TCP segmentation |
| IIS ISAPI Host | Exploit | Exploits flaw in IIS |
| Jolt2 | DoS | Flooding of malformed packets |
| Linux 2.2x ICMP | DoS | Malformed ICMP packets |
| Nmap (plain) | Surveillance or probe | TCP port scan with 3-way handshake |
| Nmap (syn stealth) | Surveillance or probe | Port scan with incomplete 3-way handshake |
| Pingflood | DoS | ICMP flood |
| POP3 login buffer overflow | DoS | Buffer overflow |
| Statdx | Exploit | Exploit to server executing backdoor |
| SMTP VRFY | Surveillance | Check existence of user name |
| Stick | Evasion of IDS | Creates false positives |
| Synflood | DoS | Flooding to TCP port |
| Teardrop (targa2) | DoS | Flooding of malformed packets |
| Telnet brute force | Remote-to-local exploit | Password guessing |
| TFN2K master-to-zombie | Trojan horse | Remotely control Unix server |
| UDP flood | DoS | UDP flooding |
| Whisker (I1, I2, I7 and I8) | Surveillance or probe | Probe for exploitable CGIs |
| Win2K SMB DoS | DoS | Flooding with malformed data |
| Wuftpd 2.4.2 | Exploit | Exploits Washington University FTP daemon opening backdoor |

*This list includes attacks run in both the non-evasion and evasion of IDS tests. We ran a total of 28 attacks, but some attacks were used in both tests.

  Back to review: Gigabit intrusion-detection systems