Let’s start our coverage of defense from the second general category of attacks with a blast from the past. Juniper has also implemented screens for you to use to block many of the popular attacks from the 1990s. Yes, the 1990s. Although these attacks were patched many, many years ago, Juniper wrote screens to protect against them because they do show up as hackers attempt to cash in on a newer generation of network security engineers. For more up-to-date protections against exploits and attacks from this grand decade of the Internet, use of the IPS system is recommended.
Winnuke is an attack screen that blocks an attack on the Windows
95/NT/3.1 platforms. Winnuke attacked port 139 (NetBIOS) with some
out-of-band data in an attempt to
crash the system. You can block winnuke using the
set security screen ids-option untrusted-internet tcp
A second attack from the mid-1990s is the Ping of Death attack. This attack involves sending a ping
packet at the maximum possible size, which is 65,535 bytes. Sending a ping
packet of this size would cause the end host to crash. To block this
attack use the
set security screen ids-option
untrusted-internet icmp ping-death command.
A more sophisticated DoS attack from the 1990s that seems to come back to life every now and again is the Teardrop attack. The Teardrop attack was most recently found to crash Windows 7 boxes by attacking the SMB2 protocol. The Teardrop attack is two fragmented packets that ...