Re: updated Bindview NAPTHA advisory

[Alfred Perlstein <bright () WINTELCOM NET>]

* Bob Keyes <bkeyes () MAIL BOS BINDVIEW COM> [001219 16:36] wrote:
>   The NAPTHA DoS vulnerabilities
>
>   Issue Date: 30 November 2000
>   Updated: 18 December 2000
>   Contact: Robert Keyes
>
>   Topic:
>
>   Network DoS vulnerabilities
>
>   Overview:
>
>   A set of network DoS vulnerabilities has been discovered, and the name
>   NAPTHA is being used to describe them as a group. The NAPTHA
>   vulnerabilities are weaknesses in the way that TCP/IP stacks and network
>   applications handle the state of a TCP connection.

I thought this was already exposed as a pretty stupid vulnerability.

You need local net access or you must reveal your identity for this
attack to work (send packets with a true source address).

This is also just another rehash of an old program called "octopus",
just that it requires less resources to run.

I can't believe you guys are still trying to gain attention with
this bogus "vulnerability".

References (you'll laugh):

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=111311+0+archive/2000/freebsd-security/20001210.freebsd-security

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=157312+0+archive/2000/freebsd-security/20001210.freebsd-security

Lastly the flooding on the ssh port should have been fixed since at
least FreeBSD 4.1.1 which is several months old.

bye!

--
-Alfred Perlstein - [bright () wintelcom net|alfred () freebsd org]
"I have the heart of a child; I keep it in a jar on my desk."