Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:1641 |
| Message | DOS DB2 dos attempt |
| Summary | This event is generated when potential Denial of Service (DoS) traffic is detected on the network. |
| Impact | Serious. A DoS attack may be underway. |
| Detailed Information | This event indicates that DoS traffic has been detected. An attempt to exhaust resources on a host may be underway leading to the host being unavailable for legitimate use. |
| Affected Systems | |
| Attack Scenarios | An attacker may attempt to exhaust resources available on a host leading to the host being unable to respond to legitimate requests. |
| Ease of Attack | Simple to Difficult. |
| Corrective Action | Perform proper forensic analysis on the suspected compromised host to discover the means of compromise. Rebuild a confirmed compromised host. Use a packet-filtering firewall to block inappropriate traffic to the network to prevent hosts from being compromised. |
| Additional References | |
| Rule References | bugtraq: 3010 cve: 2001-1143 nessus: 10871 |
--
DID:604788
--
http://www.aanval.com/