Firewall Wizards mailing list archives
Re: Denial of service
From: Frank de Jong <frankdj () PH TN TUDelft NL>
Date: Wed, 19 Aug 1998 17:35:04 +0200
Date: Mon, 17 Aug 1998 15:44:12 -0700 From: "Tupshin Harper" <tupshin () tupshin com> Subject: RE: Denial of service There are generally three reasons for an attack: 1) Attacker wants to obtain information. 2) Attacker wants to obtain use of resources 3) Attacker wants to inflict damage on the attacked 4) Attacker wants to climb Mt. Everest(because it's there). Number three is frequently overlooked by those that should know better. Many otherwise secure networks/systems are susceptible to denial of service attacks, typically motivated by number three. Examples of denial of service attacks range from crashing a server to using a thermo-nuclear device on your ISP.
There are also ways to combine some of these 'three' reasons. Suppose I have a server host that offers a certain sensitive service to a network, and I would like to take over this service. If some client hosts are 'loosely' configured (so that they accept this service from other servers if the main server fails), I could DoS-flood the original server, causing it to refuse new connections, and take over the main server roll. For services like NIS and NFS, I could create bogus deamons that collect passwords or give tampered versions of /bin/su, login, or utilities that are frequently run as user 'root'. Frank
Current thread:
- RE: Denial of service, (continued)
- RE: Denial of service David C Niemi (Aug 19)
- RE: Denial of service Ted Doty (Aug 23)
- RE: Denial of service David C Niemi (Aug 23)
- RE: Denial of service Marcus J. Ranum (Aug 23)
- Re: Denial of service ICMan (Aug 19)
- Re: Denial of service Ted Doty (Aug 23)
- Re: Denial of service Gigi Sullivan (Aug 19)