Intrusion Prevention

TFN.2k.Icmp

Description

It indicates detection of Internet Control Message Protocol (ICMP) traffic sent between TFN2K hosts.

Tribal Flood Network (TFN) is a backdoor trojan used for Distributed Denial-of-Service (DDOS) attacks. TFN2K hosts communicate with each other using ICMP messages to launch DDoS attacks.

Affected Products

Any TFN2K infected system is vulnerable to the attack

Impact

Compromised hosts can be used to launch attacks on other systems

Recommended Actions

Clean the infected system as soon as possible.

Use FortiGate to block the TFN traffic so as to protect the network.

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

ID	12167
Created	Sep 11, 2006
Updated	Apr 23, 2014
CVE ID
Risk
Exploit Prediction Score	0.97%
Default Action	pass
Active
Affected OS	Other
Affected App	Other
Profile Type	Malware

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

TFN.2k.Icmp

Description

Affected Products

Impact

Recommended Actions

Coverage

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

TFN.2k.Icmp

Description

Affected Products

Impact

Recommended Actions

Coverage

References

Threat Intelligence
Center