Penetration Testing mailing list archives
Re: bind9 crash
From: "White Hat" <whitehat237 () gmail com>
Date: Sat, 12 Jul 2008 11:27:20 -0700
One thing to keep in mind: If the bind9 server has TCP SYN cookies enabled, (It's not enabled by default) a TCP syn half open flood probably won't work. You can check this by sending TCP packets with a maximum segment size
8 in the options field of the packet.
Then examine the packets sent back to you by the bind9 server with wireshark or similar protocol analysis tool, to determine if your MSS value was accepted or if the remote server set it to a value < 8 On Thu, Jul 10, 2008 at 9:46 AM, Ron Gutierrez <rgutie01 () gmail com> wrote:
I'm working on a project that requires me to find some ways to cause mayhem to a network. I'm trying to knock down a bind9 server and so far have been unsuccessful. I'm running it on a server with 64 mb ram so that hopefully that would make it easier to knock down with a small ddos attack but so far its only taking up 6 percent of the memory with the amount queries I've been throwing at. I'm not much a DNS guy. Do any of you guys know any bad bind configurations that could cause it to perform terribly to the point that it'll crash. Also If you know any for bind8 I could always switch to that. Thanks -- Ron Gutierrez ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- bind9 crash Ron Gutierrez (Jul 10)
- RE: bind9 crash Trent Williams (Jul 10)
- Re: bind9 crash Patrick Webster (Jul 10)
- Re: bind9 crash Secure Scorp (Jul 10)
- Re: bind9 crash Tonnerre Lombard (Jul 11)
- Re: bind9 crash Secure Scorp (Jul 10)
- Re: bind9 crash Jon Kibler (Jul 11)
- RE: bind9 crash Maxime Ducharme (Jul 11)
- Re: bind9 crash pinowudi (Jul 12)
- Re: bind9 crash White Hat (Jul 12)