Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

DDOS: Shaft Client to Handler

This signature detects connections to TCP/20432. This can indicate that a Shaft client is attempting to communicate with a Shaft handler. Attackers can use Shaft, a distributed-denial-of-service (DDoS) attack tool, to flood IP addresses with packets from forged source addresses.

References

CVE: CVE-2000-0138

URL: http://www.adelphi.edu/~spock/shaft_analysis.txt http://marc.info/?l=bugtraq&m=95715370208598&w=2

Short Name

DDOS:SHAFT:CLIENT-TO-HANDLER

Severity

Info

Recommended

False

Recommended Action

None

Category

DDOS

Keywords

CA-2000-01 CVE-2000-0138 Client Handler Shaft to

Release Date

04/22/2003

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3324

Port

UDP/20432

False Positive

Rarely

CVSS Score

5.0