Nmap Development mailing list archives
Re: TCP Resource Exhaustion Attacks
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Thu, 2 Oct 2008 21:10:21 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 2 Oct 2008 13:55:05 -0700 doug () hcsw org wrote:
Hi all, I initially discounted this as a hoax because of the following news article:
Same here. I'm with you that there is likely more here than just a socket resource exhaustion attack. Robert responded to Fyodor's post here: http://blog.robertlee.name/2008/10/conjecture-speculation.html Among other things, he writes: "In regards to Fyodor's article: There are some really valid points made; While his article does describe some of how sockstress works and why it is efficient, it does not describe our attacks." We all know about socket pool exhaustion and Fyodor is clearly an expert on the subject. Robert isn't stupid enough to re-brand that attack and hype it up as something new. He still has something of a reputation to keep up. Now, I'm not holding my breath that this attack is some new way to 0wn the !nt3rweb$ but I think that there has to be some clever aspect to it that improves upon what everyone has known for years. I think the only reason why a Nmap user or Nmap dev should care is that if vendors start modifying their TCP/IP attacks to either patch a real bug, or look like they patched a bug, a lot of OS fingerprints are likely to need to be added. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkjlOMMACgkQqaGPzAsl94IACQCffPYRfqfOA9CjLZoixF8DQnjN k/sAoIXeiB+G9JlSL9ce6KZ4dBxddDBQ =Zn71 -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- TCP Resource Exhaustion Attacks Fyodor (Oct 02)
- Re: TCP Resource Exhaustion Attacks Michael Pattrick (Oct 02)
- Re: TCP Resource Exhaustion Attacks Ron (Oct 02)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 02)
- Re: TCP Resource Exhaustion Attacks RB (Oct 02)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 02)
- Re: TCP Resource Exhaustion Attacks doug (Oct 02)
- Re: TCP Resource Exhaustion Attacks Brandon Enright (Oct 02)
- Re: TCP Resource Exhaustion Attacks Robert E . Lee (Oct 03)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 06)
- Re: TCP Resource Exhaustion Attacks Robert E. Lee (Oct 06)
- Re: TCP Resource Exhaustion Attacks Kris Katterjohn (Oct 06)
- Re: TCP Resource Exhaustion Attacks Brandon Enright (Oct 02)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 06)