Vulnerability Development mailing list archives
Re: DoS Local machines
From: xm () GEEKMAFIA DYNIP COM (Jonathan Williams)
Date: Sun, 7 May 2000 22:56:10 -0400
Or you could have afirewall drop all apckets from that ip. Networking stacks can be patched. Ex Machina (xm () geekmafia dynip com) http://geekmafia.dynip.com/~xm/ phone: 1-877-LPT-WHIP icq: 3387005 aim: ExMachina GnuPG Keyprint: 0627 C3A8 DE25 F7FB 46BD 4870 2006 CF7F EBDA 949D On Sun, 7 May 2000, Jason wrote:
Date: Sun, 7 May 2000 22:29:00 -0500 From: Jason <jottwell () OPENRECORDS ORG> To: VULN-DEV () SECURITYFOCUS COM Subject: DoS Local machines Hello all, I am a network admin that is willing to take the next step in preventing machines from attacking other machines on my network. Let's say that IDS such as LIDS detects an attack, I am planning on an offensive attack upon the attacker (provided that the 'attacker' is an ip not coming from outside of my router). I have control of over 2500 machines in several cities and I can't look at an ip and then walk over to the box and work with the machine. With this said, I have control over the 2500 machines, but I do not have admin access to every machine and security holes are abundant. What I'm working on is a way to stop one machine from attacking another on my network. We have 9x, NT, linux, solaris, and AIX machines on the network. The AIX machines I'm not *as* worried about as I have complete control over these boxes. Here is a list of DoS's for the OS's listed above that I know about: 9x - OOB, malformed packets, (choose your nuke) NT - pretty much same as 9x linux - nestea, land Arp cache poisoning, and icmp redirects are attacks that I'm working with so far. Yes I know I can browse my way through about 50 DoS's on packetstorm, rootshell (what happening with these guys), hack.co.za, etc. What I'm looking for is more along the lines of arp cache poisoning, icmp redirects, etc that do not freeze the entire machine but only stop the network stack. Then a more drastic approach if that doesn't work. Any help in this thought process would be greatly appreciated. Jason
Current thread:
- Re: The Million Dollar Solution, (continued)
- Re: The Million Dollar Solution Jeremy Speer (May 06)
- Very Technical info about The VIRUS repair...but well laid out Robert Riebs (May 06)
- Administrivia #8704 (I think we should just be friends) Blue Boar (May 06)
- Re: The Million Dollar Solution (NOT?) Nohican (May 06)
- Re: Networking theories Matthew King (May 06)
- Re: Networking theories Bluefish (May 07)
- Re: Networking theories Aussie (May 07)
- Re: Networking theories Matthew R. Potter (May 07)
- Re: Networking theories J . Phillips (May 08)
- DoS Local machines Jason (May 07)
- Re: DoS Local machines Jonathan Williams (May 07)
- Re: DoS Local machines Seth R Arnold (May 07)
- Re: DoS Local machines Arturo Busleiman (May 10)
- Re: DoS Local machines TeeSPy (May 11)
- Re: DoS Local machines Jason (May 10)
- Re: DoS Local machines Barclay Osborn (May 11)
- Re: Networking theories Matthew R. Potter (May 07)
- Re: Networking theories Helmethead (May 07)
- Re: Networking theories Dragos Ruiu (May 07)
- Re: Networking theories Blue Boar (May 07)
- Re: Networking theories Dug Song (May 08)