IPS Signatures

Impossible IP Packet

 
Signature ID: 1102/0
Original Release:S2
Release:S473 (download)
Original Release Date:2001 February 02
Latest Release Date:2010 February 25
Default Enabled:True
Default Retired:False
CVE:CVE-2009-3563
BugTraq ID:37255
Alarm Severity:High
Fidelity:100 

Description

This triggers when an IP packet arrives with source equal to destination address. This signature will catch the so-called Land Attack.

Recommended Filter

No recommended filters.

Benign Triggers

Some Ethernet frames with an unknown protocol type may cause benign triggers.

IntelliShield Alerts

IntelliShield ID Headline VersionCVSS ScoreLast Published
3783Novell NetWare Denial of Service12002 May 14 16:16 GMT
8889Microsoft Windows LAND Attack Denial of Service Issue62006 October 10 22:05 GMT
19540Network Time Protocol Package Remote?Message Loop Denial of Service?Vulnerability195.0/4.12013 March 28 19:51 GMT

Download

To download this and other IPS update files, please go to Cisco Secure Software Download.

LEGAL DISCLAIMER
THE INFORMATION ON THIS PAGE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION CONTAINED HEREIN, OR MATERIALS LINKED FROM THE DOCUMENT, IS AT YOUR OWN RISK. INFORMATION IN THIS DOCUMENT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
Powered by  IntelliShield