Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:268 |
| Message | DELETED DOS Jolt attack |
| Summary | This event is generated when a remote attacker attempts to send large, fragmented IP packets to the internal network, indicating a Jolt Denial of Service (DoS) attack. |
| Impact | Denial of service. |
| Detailed Information | Jolt is a DoS attack characterized by large, fragmented IP packets that, when launched at a Windows system, can hang or crash the computer. |
| Affected Systems | Windows 95 Windows 98 Windows NT Windows 2000 |
| Attack Scenarios | An attacker sends oversized, fragmented IP packets to a target computer. If the computer is running an unpatched version of Windows, it may crash. |
| Ease of Attack | Simple. |
| Corrective Action | Install the latest patches available for your operating system. Implement a packet-filtering firewall to block inappropriate traffic to the network. |
| Additional References | |
| Rule References | cve: 1999-0345 |
--
DID:348931
--
http://www.aanval.com/