Syn flood (Threat Medium)

It has come to my attention that there is a new minor threat out on the internet that is currently under way.

Syn Flooding of computers is not new and it is also not preventable.

ISP's try to install Filters that block these kinds of floods on their network but they are ineffective at best and rarely provide protection for their customers and are hardly adequate in protecting the ISP that is using the filters.

PORT 1430 is very active right now out on the internet.

If you have a firewall that you can configure Port blocking rules on, make a new Rule called "Syn flood" Set it to block ALL IP numbers and set the port block to port 1430

Port 1430 is a reverse port and will reflect your own connection right back at you. Not a very nice way to surf the internet is it.

If you notice traffic on internal port numbers such as 127.0.0.0 or 127.0.0.1 etc in your firewall logs you are more then likely receiving the "Syn flood" attacks.

No reason to panic from a security standpoint however the annoyance level could heat up your shirt collar when you are trying to network correctly.

Syn flood attacks certainly are not restricted to one port such as 1430 but that is the Hypercom TPDU transport port and not a very nice port to be getting hit from.

Those of you with Norton Firewall will not have the ability to make port rules of any kind. As far as ZONE alarm goes it has been discussed that this program although a fantastic little piece of software it will crumble in the face of an Syn Attack as it will overload.

Black ICE Defender is also very vulnerable to Syn attacks and fails instantly.

Kerio Personnel Fire wall free edition will afford you some protection but it will also become overloaded.

Trend Micro will detect the attack and automatically make a new temporary fire wall rule to block all network activity on the port number attacking but it will forget the attack if you do not make a permanent rule in your Firewall options portion of the program.

MacAfee will prevent the Syn attack outright you need not make any rules to prevent them but it like all the rest cannot prevent the Syn flood hitting the computer. MacAfee will in short order overload due to the amount of packet flooding and fail.

So in short make Router rules to filter for Syn floods if your router software can block the attacks out on the net before they reach your computer you will have the benefit of frustrating the attacker and continue to go along with your business as normal.

<font color=red>GOD</font color=red> <font color=orange>LOVES</font color=orange> <font color=red>CANADA</font color=red>

You are Welcome.

I just risked a Firmware update on my Router that was successful.

I read the update information in the readme.txt and it said it had some new tweaks for Windows XP SP2 and IE so I downloaded the .BIN file then used the routers online software to do the Firmware update.

It took about 5 minutes and in that time I removed all the fingernails from my left hand Fear of power failure........or something else.

Anyhow I now have a little better protection but the update did not provide me with any new tools to set on the router set-up page so I just made sure the filters I had were configured correctly.

<font color=red>GOD</font color=red> <font color=orange>LOVES</font color=orange> <font color=red>CANADA</font color=red>

I hate doing BIOS and Firmware updates!! You can lose the damn hardware device.

If you have ever used a Pilot programmer before for CMOS you would know too.

<font color=red>GOD</font color=red> <font color=orange>LOVES</font color=orange> <font color=red>CANADA</font color=red>

Stop masturbating so much. Eden is getting jealous.

</font color=red><i><font color=red>GOD</font color=red> <font color=blue>BLESS </font color=blue><font color=red>AMERICA

"Yeah, like, helloooo, too much informatiooooooooooooooooooon!!!"

Pussy...

--
The <b><A HREF="http://snipurl.com/bl3t" target="_new"><font color=red>THGC Photo Album</font color=red></A></b>, send in your pics, get your own webpage and view other members' sites.

Everytime he does it, I feel nastier. Will you do it instead?

--
The <b><A HREF="http://snipurl.com/bl3t" target="_new"><font color=red>THGC Photo Album</font color=red></A></b>, send in your pics, get your own webpage and view other members' sites.

I have no clue.

--
The <b><A HREF="http://snipurl.com/bl3t" target="_new"><font color=red>THGC Photo Album</font color=red></A></b>, send in your pics, get your own webpage and view other members' sites.

Ive got Trend Micro, so should I just keep a chek on my event logs?

READ THE STICKY AND WIN A PRIZE! ALL PRIZES CAN BE CLAIMED IN THE SECTION TITLED "THE OTHER"

YEP!!

<font color=red>GOD</font color=red> <font color=orange>LOVES</font color=orange> <font color=red>CANADA</font color=red>

Or you could ignore me...I will do the same for you

A lie can travel halfway around the world while the truth is putting on its shoes.

Mark Twain

Agreed. For once I can attempt a BIOS flash with little worries, especially since they also use more safe ways to flash the BIOS now.

I did notice however some non-Gigabyte boards that had two BIOS'. Dunno how effective they are. GB has been known for them so they prolly master the technology.

--
The <b><A HREF="http://snipurl.com/bl3t" target="_new"><font color=red>THGC Photo Album</font color=red></A></b>, send in your pics, get your own webpage and view other members' sites.