Penetration Testing mailing list archives
Re: [PEN-TEST] DOS Attack
From: James Kelly <james.kelly () tcs wap org>
Date: Tue, 10 Oct 2000 12:51:04 -0400
this port is for version 1 of back oriface jim k "Craig T. Hancock" wrote:
Hello all I am doing some reasearch for a friend for a DOS attack on an IRIX 6.5 the attack from what I was told can be ported to an unix machine. So I am trying here this is the info that I have on the attack. It is called Hack a Tick. Hello all a machine that I administer has been involved in a DOS attack on my subnet. THe networking monitor group as told me that a person was connecting to my machine via prt 31789 which is a udp port that cause a huge amount of overhead on the network. The thing I don't understand is how is this attacked is cause also I don't understand how the person could have gotten in. I didn't see any relevant info from the logs, but then again those could have been doctored. Port State Protocol Service 22 open tcp ssh 111 open tcp sunrpc 515 open tcp printer 620 open tcp unknown 800 open tcp mdbs_daemon 801 open tcp device 1024 open tcp unknown 1025 open tcp listen 1026 open tcp nterm 1030 open tcp iad1 1455 open tcp esl-lm 2049 open tcp nfs 4321 open tcp rwhois 6000 open tcp X11 I would like to know exactly how is this attack done, I mean I haven't been able to find out any specifics and how is this prevented. I have checked the logs but I haven't been able to find out if the person ever got in. It looks like no one was logged in at the time, but then again the logs could have been doctored. Here is a reference to the attack this is the only info that I have been able to find. -- _______________________________________________________________________ If life is a dream then I am real I exist in smoke and shadow I see all and know nothing beware my mist I am kindred feel thy wraith if tho is wronged.
Current thread:
- [PEN-TEST] Password Protection in0m of the s0d crew (Oct 07)
- Re: [PEN-TEST] Password Protection Mark Teicher (Oct 09)
- Re: [PEN-TEST] Password Protection Fred Mobach (Oct 09)
- Re: [PEN-TEST] Password Protection Patrick Feisthammel (Oct 09)
- Re: [PEN-TEST] Password Protection Allen, Peter (Oct 09)
- [PEN-TEST] DOS Attack Craig T. Hancock (Oct 10)
- Re: [PEN-TEST] DOS Attack James Kelly (Oct 10)
- Re: [PEN-TEST] DOS Attack H D Moore (Oct 15)
- <Possible follow-ups>
- Re: [PEN-TEST] Password Protection Ben Ford (Oct 09)
- Re: [PEN-TEST] Password Protection Jensen, Greg (Oct 10)
- Re: [PEN-TEST] Password Protection White Vampire (Oct 10)
- Re: [PEN-TEST] Password Protection Dunker, Noah (Oct 10)
- Re: [PEN-TEST] Password Protection White Vampire (Oct 11)