nanog mailing list archives

SUN: Re: New Denial of Service Attack on Panix

From: Allan Chong <allan () bellsouth net>
Date: Thu, 03 Oct 1996 13:19:00 -0400

Dima Volodin wrote:


Now can I hold my breath waiting for vendors to incorporate this stuff
into their products? Has anybody heard anything from Sun on this
matter?
The latest word going out from their SunService center is that

their engineers are working on it.  The cust. support reps at
least seemed to know what it was right off (which means lots of 
people have been calling about it)

I've been monkeying about with the ndd settings, but I've had a
hard time getting the exploit code to work.  Both neptune (phrack)
and the 2600 code both send the SYN packets (after some work) but
a sniffer shows that both of these don't correctly spoof the IP 
address, so RSTs follow the reply.  

Does anyone have _simple_ working exploit code for any platform?

I'm going to go ahead and implement the ndd fix, but I'd sure as
heck like to know how much it fixes it.

allan
allan () bellsouth net
- - - - - - - - - - - - - - - - -

Current thread:

Re: DoS, ICMP, proxies, SYNDefender, (continued)
- - - Re: DoS, ICMP, proxies, SYNDefender Tim Bass (Oct 04)
    - Re: DoS, ICMP, proxies, SYNDefender Avi Freedman (Oct 04)
    - Re: DoS, ICMP, proxies, SYNDefender Tim Bass (Oct 04)
    - Re: DoS, ICMP, proxies, SYNDefender Avi Freedman (Oct 04)
    - Re: DoS, ICMP, proxies, SYNDefender Tim Bass (Oct 04)
    - Re: New Denial of Service Attack on Panix Mike O'Dell (Oct 03)
    - Re: New Denial of Service Attack on Panix Tim Bass (Oct 03)
    - Re: New Denial of Service Attack on Panix Mike O'Dell (Oct 03)
    - Re: New Denial of Service Attack on Panix Tim Bass (Oct 03)
    - Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
    - SUN: Re: New Denial of Service Attack on Panix Allan Chong (Oct 03)
    - Re: New Denial of Service Attack on Panix Perry E. Metzger (Oct 03)
    - Re: TCP SYN attacks Ran Atkinson (Oct 03)
    - Re: TCP SYN attacks Zach (Oct 03)
    - Re: TCP SYN attacks Avi Freedman (Oct 03)
- Re: New Denial of Service Attack on Panix Paul Ferguson (Oct 02)
  - Re: New Denial of Service Attack on Panix Dima Volodin (Oct 02)
- Re: New Denial of Service Attack on Panix Paul Ferguson (Oct 03)
  - Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
- Re: New Denial of Service Attack on Panix Paul Ferguson (Oct 03)
  - Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)

(Thread continues...)