Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:1641 |
Message | DOS DB2 dos attempt |
Summary | This event is generated when potential Denial of Service (DoS) traffic is detected on the network. |
Impact | Serious. A DoS attack may be underway. |
Detailed Information | This event indicates that DoS traffic has been detected. An attempt to exhaust resources on a host may be underway leading to the host being unavailable for legitimate use. |
Affected Systems | |
Attack Scenarios | An attacker may attempt to exhaust resources available on a host leading to the host being unable to respond to legitimate requests. |
Ease of Attack | Simple to Difficult. |
Corrective Action | Perform proper forensic analysis on the suspected compromised host to discover the means of compromise. Rebuild a confirmed compromised host. Use a packet-filtering firewall to block inappropriate traffic to the network to prevent hosts from being compromised. |
Additional References | |
Rule References | bugtraq: 3010 cve: 2001-1143 nessus: 10871 |
--
DID:604788
--
http://www.aanval.com/