nanog mailing list archives
Re: Government scrutiny is headed our way
From: Joe Shaw <jshaw () insync net>
Date: Sun, 21 Jun 1998 08:33:39 -0500 (CDT)
On Sun, 21 Jun 1998, Henry Linneweh wrote:
Now that we have gotten down to the nitty gritty here. AGAIN the main mechanism for spoofing the smurf attacks is A program call wingate, ban that code and this problem will be cut more than in half.
What does wingate have to do with this? Smurf attack is the term used for an ICMP echo based denial of service attack caused by sending a forged icmp echo request to a brodcast network address. The attacker forges the source address of the icmp echo request to that of his victim, so all ICMP echo replies come back and flood the victim(s). Now, these packets can be hand forged by anyone with a moderate knowledge of C and root on a UN*X workstation. Don't fix the symptom, but fix the reason these attacks work. Packet authentication is the answer down the line, but for now it's getting the twonks with their networks open to fix the problem. This DoS can also be done with UDP echo, and UDP packets are much easier to forge/spoof than TCP.
Next there is a rumor that 8000 users have been infected with a tweaked system.exe file that makes that user a smurf amplifier unwittingly. These are things to watch for. I wish there was an easier way to break bad news.
I fell out of my chair at that statement. One user/host cannot be a smurf amplifier; one network from a /30 and down can with different results. Joe Shaw - jshaw () insync net NetAdmin - Insync Internet Services Any spelling mistakes and/or grammar errors are due to lack of sleep...
Henry
Current thread:
- Re: Government scrutiny is headed our way, (continued)
- Re: Government scrutiny is headed our way David R. Conrad (Jun 16)
- Re: Government scrutiny is headed our way Karl Denninger (Jun 17)
- Re: Government scrutiny is headed our way Alex P. Rudnev (Jun 17)
- Re: Government scrutiny is headed our way Hal Murray (Jun 20)
- Re: Government scrutiny is headed our way Henry Linneweh (Jun 20)
- Re: Government scrutiny is headed our way Joe Shaw (Jun 20)
- Re: Government scrutiny is headed our way Henry Linneweh (Jun 21)
- Re: Government scrutiny is headed our way Brian Wallingford (Jun 21)
- Re: Government scrutiny is headed our way Dean Robb (Jun 23)
- NANOG 13 Videos on-line Jeffrey Payne (Jun 23)
- Re: Government scrutiny is headed our way Joe Shaw (Jun 21)
- Re: Government scrutiny is headed our way Brett Frankenberger (Jun 21)
- Re: Government scrutiny is headed our way Joe Shaw (Jun 22)
- smurf amplifier vs one workstation Brian Pape (Jun 22)
- Re: Government scrutiny is headed our way Hal Murray (Jun 22)
- Re: Government scrutiny is headed our way Karl Denninger (Jun 22)
- Re: Government scrutiny is headed our way Curt Howland (Jun 17)
- Re: Government scrutiny is headed our way Steve Sobol (Jun 17)