Bugtraq mailing list archives
Re: 1+2=3, +++ATH0=Old school DoS
From: glynis () BUTTERFLY HJSOFT COM (John M. Flinchbaugh)
Date: Mon, 28 Sep 1998 03:52:40 -0400
On Mon, 28 Sep 1998, Pete Gonzalez wrote:
Also, it occurs to me that this vulnerability could possibly be used to make the person's modem hang up and dial 911. :-)
this could be a real problem. one of the early reports stated that the attacker managed to take down 30-40% of an irc channel, correct? so it seems to be a bit widespread. this could be used to make the modem dial those long-distance international pay numbers and such. and another observation i've noticed in testing this attack. the victim machine attampts to send the hangup string, drops it's network connection, and the response fails to get back to the attacking host. upon redialing, the response is again sent when it tries to flush that connection, and the modem goes offline yet again. i do not know off hand how long it will do this, but i witnessed a machine redial nearly 10 times before i finally just offlined my own computer, so it would not find me and try to send it again. another possibility in this little attack would be to reconfigure the modem, save the new settings, and online the modem again. could you see a dial up client being reconfigured to max out at a 2400 baud connection? :) ____________________}John Flinchbaugh{______________________ | -> glynis () hjsoft com <- john () cs millersv edu | | glynis () netrax net http://www.hjsoft.com/~glynis/ | ~~Powered by Linux: Reboots are for hardware upgrades only~~
Current thread:
- 1+2=3, +++ATH0=Old school DoS Max Schau (Sep 27)
- Re: 1+2=3, +++ATH0=Old school DoS Brett Glass (Sep 27)
- Re: 1+2=3, +++ATH0=Old school DoS kill9 (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS Kevin Day (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS Ross Wheeler (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS kill9 (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS *unknown* (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS Jason (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS Tudor Bosman (Sep 28)
- <Possible follow-ups>
- Re: 1+2=3, +++ATH0=Old school DoS Daniel Hauck (Sep 27)
- Re: 1+2=3, +++ATH0=Old school DoS Pete Gonzalez (Sep 27)
- Re: 1+2=3, +++ATH0=Old school DoS John M. Flinchbaugh (Sep 28)
- SHADOW group research indicates distributed probes and attacks Patrick Oonk (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS Adrian Gonzalez (Sep 28)
- Modem ATH0 thread route () RESENTMENT INFONEXUS COM (Sep 28)
- IRIX 6.2 passwordless accounts exploit? Dan Stromberg (Sep 28)
- Re: IRIX 6.2 passwordless accounts exploit? D.A. Harris (Sep 28)
- Re: IRIX 6.2 passwordless accounts exploit? Eugene Bradley (Sep 28)
- Re: Solaris non-root login (was: IRIX 6.2 pass...) Richard Yates SPG (Sep 29)
- mountd- more info (sorry) John Caldwell (Sep 28)
- Bay Accelar 1000 series Steven Hearon (Sep 28)
- Re: mountd- more info (sorry) RHS Linux User (Sep 29)
- Re: 1+2=3, +++ATH0=Old school DoS John M. Flinchbaugh (Sep 28)
- Re: 1+2=3, +++ATH0=Old school DoS Brett Glass (Sep 27)