Bugtraq mailing list archives

Re: denial of service attack possible

From: jas () flyingfox COM (Jim Shankland)
Date: Fri, 27 Oct 1995 10:17:01 -0700


[Denial of service possible by remote host putting multiple connections
to a port into the SYN_RCVD state, thereby precluding further
(legitimate) connection attempts.]

It's even worse.  The same thing was done deliberately by Kevin Mitnick
during his packet-spoofing attack on Shimomura's machines in San Diego.
Mitnick put lots of connections into the SYN_RCVD state on machine A,
thereby "jamming" machine A and preventing it from interfering
(by sending RST packets) with his attack on machine B, impersonating
machine A.

Jim Shankland
Flying Fox Computer Systems, Inc.

Current thread:

Re: denial of service attack possible Andrew Gross (Oct 27)
- <Possible follow-ups>
- Re: denial of service attack possible Jim Shankland (Oct 27)
  - Re: denial of service attack possible Dr. Frederick B. Cohen (Oct 27)
  - Sendmail bug. Eduardo E. Silva (Oct 27)
  - New tool available: Netcat *Hobbit* (Oct 28)