SBC Threat Protection

UDP Threats

•  UDP Short Header

• UDP Flood

• UDP spoofed  boradcast  echo (Fraggle Attack)

•  UDP attack  on  diag ports (Pepsi Attack)

RTP Threats

• RTP rogue packets (after-call)

• RTP flooding during call

• RTP flooding attacks

• RTP spoofing

SIP Threats

• SDP malformed contents (Protos Test)

• SIP malformed packet

• SIP request message flood attack

•   SIP response message flood attack

• SIP Invite spoof

• SIP Register spoof

• SIP Registerfloodattack

• SIP request spoof

• SIP response spoof

• SIP end-callattack

IP Threat

• Unknown Protocol

• ARP Flood (Poink Attack)

• IP Stream Option

• IP Spoofing

• IP Source Route Option, Strict

• IP Source Route Option, Loose

• IP Short Header

• IP Malformed Packet

• IP bad Option

• IP address Session Limit

• Fragments – too many

• Fragments, Large – Offset

• Fragments – Storm

• Fragments – Same Offset

• Fragments – Reassembly w/different offsets (tear drop)

• Fragments – Reassembly w/different offsets and padding (new tear attack)

• Fragments – Reassembly w/different offsets and oversize (Bonk/Boink attack)

• Fragments – Reassembly off by one IP header (Nestea attack)

• Fragments – flood initial fragment only (Rose Attack)

• Fragments – Deny

ICMP Threat

• ICMP Source quench

• ICMP mask request

• ICMP large packet(>1472)

• ICMP oversized packet(>65536) – ping of death/ssping attack)

• ICMP info request

• ICMP incompatible fragment (jolt attack)

• ICMP flood

• ICMP broadcast with spoofed source (Smurf/Pong attack)

• ICMP error  packets flood (Trash attack)

• ICMP spoofed unreachable (Click attack)

• ICMP spoofed unreachable flood (smack/bloop/puke attack)

TCP Threat

• TCP Packets without flag

• TCP packets, oversized

• TCP FIN bit with no ACK bit

• TCP packet with URG/OOB flag (nuke attack)

• TCP SYN fragments – reassembly with overlap (syndrop attack)

• SYN fragment

• SYN attack w/ip spoofing (land attack)

• SYN attack (syn flood)

• SYN and FIN bits set

• Scan attack– TCP port