Vulnerability Development mailing list archives
Packet Fragmentation Attacks
From: Max <max0r () digitalsamurai org>
Date: Thu, 24 Aug 2000 19:18:58 +0000
I was reciently experimenting with some packet fragmentation attacks against my hope network. Please tell me if this old new or not, but here goes: I wrote the "flooder", to create a random ip header ip, and for each subsequent packet, the ip_id would be decreased. I used a random fragmentation offset in the attack. I ran the attack, ok, load average increase, nothing amazing. All of a sudden after about 30 seconds, I recieve the following kernel message: "Aug 24 10:10:43 orion /bsd: ne3: warning - reciever ring buffer overrun". Mind you, this is the box _BEING_ attacked, not the one doing the attacking. Any ideas? -Max -- [FCS] Yea, We Regulate [FCS]
Current thread:
- Packet Fragmentation Attacks Max (Aug 24)
- Re: Packet Fragmentation Attacks Mikael Olsson (Aug 25)
- Remote exploitation of network scanners? Lincoln Yeoh (Aug 25)
- Re: Remote exploitation of network scanners? Paul Cardon (Aug 25)
- Re: Remote exploitation of network scanners? Marc Maiffret (Aug 25)
- Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 25)
- Re: Remote exploitation of network scanners? Bluefish (P.Magnusson) (Aug 26)
- Re: Remote exploitation of network scanners? Lincoln Yeoh (Aug 26)
- Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 26)
- Re: Remote exploitation of network scanners? Ryan Sweat (Aug 26)
- Re: Remote exploitation of network scanners? Adam Prato (Aug 25)