What is a multiple-packet attack and what is needed by an IDPS to detect one? Provide an example.

What will be an ideal response?


Multiple-packet attacks (also called "composite attacks") require a series of packets to be received and executed. These attacks are especially difficult to detect. They require an IDPS to have multiple attack signatures on hand for reference. In addition, the IDPS sensor needs to maintain state information about a connection after it has been established, and it needs to keep that state information on hand for the entire length of an attack.
Denial of service (DoS) attacks are obvious examples of multiple-packet attacks. A type of DoS attack called an ICMP flood occurs when multiple ICMP packets are sent to a single host on a network. The result of this flood is that the server becomes so busy responding to the ICMP requests that it cannot process other traffic.

Computer Science & Information Technology
