Vulnerability Development mailing list archives
Re: Windows DoS code (jolt2.c)
From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Sun, 28 May 2000 20:43:34 +0200
Phonix Monkey wrote:
An interesting side note is that minor changes to this packet cause NT4/Win2k (maybe others, not tested) memory use to jump *substantially* (+70 meg non-paged-pool on a machine with 196 mb phys).
Hi again Phonix! (Yes, I'm done picking your PoC code to pieces now :-) First: I tried introducing a delay in the send loop. Sending less than 200 packets per second didn't do much for CPU load, but over 300 pps completely locked the victim machines (NT4/SP6 and W2K). (Without the delay in place, I only ended up freezing the switch connecting the attacker to the target :-P ) Second: What's this "minor change" that you describe? It'd be really interesting to see what it is, since jolt2.c currently is only "effective" for the duration of the attack. If the victim machine could be made to consume lots of RAM, it'd be "more effective". Regards, Mikael Olsson -- Mikael Olsson, EnterNet Sweden AB, Box 393, SE-891 28 ÖRNSKÖLDSVIK Phone: +46-(0)660-29 92 00 Fax: +46-(0)660-122 50 Mobile: +46-(0)70-66 77 636 WWW: http://www.enternet.se E-mail: mikael.olsson () enternet se
Current thread:
- Re: Outlook HTML VBS (demo), (continued)
- Re: Outlook HTML VBS (demo) PCbob - Slobodan miskoviC (May 21)
- Vs: Re: Outlook HTML VBS (demo) Marko Ernvall (May 22)
- Re: Outlook HTML VBS (demo) Bluefish (May 22)
- Re: Outlook HTML VBS (demo) PCbob - Slobodan miskoviC (May 21)
- Re: Outlook HTML VBS (demo) Hull, Dave (May 22)
- Re: Outlook HTML VBS (demo) Hull, Dave (May 22)
- Windows DoS code (jolt2.c) Phonix Monkey (May 25)
- Re: Windows DoS code (jolt2.c) Matthew S. Hallacy (May 27)
- Re: Windows DoS code (jolt2.c) Brian S. DuRoss (May 27)
- Re: Windows DoS code (jolt2.c) Matthew S. Hallacy (May 27)
- Re: Windows DoS code (jolt2.c) Brad Spengler (May 29)
- Windows DoS code (jolt2.c) Phonix Monkey (May 25)
- Re: Windows DoS code (jolt2.c) Mikael Olsson (May 28)