Vulnerability Development mailing list archives

Re: Denials of Service Attacks

From: adam () ALIENZOO COM (Adam Muntner)
Date: Tue, 18 Jul 2000 10:19:09 -0700


"J. Oquendo" wrote:

This is a document in which I have spent some down time detailing different types of Denials of Service attacks, how 
some may be constructed, and how some may be stopped. I have also included sample source code (some broken to deter 
script kiddies) in hopes I could gather enough data to prevent Denials of Service on my own network as well as assist 
others in assessing their own networks. BGP4, OSPF, RIP, EIGRP, IGRP, IS-IS, ICMP are covered and or under 
construction.

Currently I am studying for the CCIE since the CCNA is being changed this year and hopefully I can attain it (CCIE) 
in about 1 1/2 years or so (who knows) besides I work too long as it is and study time is limited (hey!$! I'm married 
ya know)


<OPINION>
My only real comment is against the recent trend of releasing 'broken'
exploits, as being against the spirit of "full disclosure."  I would
hasten to say that a large number of people using publish 'cracker'
tools are professionals, as opposed to script kids.

Most of us are pretty busy, too.  While the error intentionally
introduced may be a small one, it frequently interferes with the flow of
work - ie, testing the tool on your OWN hardware in order to develop
defenses against similar attacks.

While I appreciate the sentiment in trying to limit malicious use... the
argument for full disclosure is about the same argument against gun
control, here in the US... The bad guys won't be deterred, and will
still get their hands on powerful weapons.  Also, "who can debug some c
code" isn't exactly a good litmus test, to determine who is
'responsible' enough to get their hands on working tools.  Plenty of
great network guys aren't c coders, and plenty of malicious kids are.

While I haven't yet looked at your code (for all I know, you just
commented out a critical line or something), I wanted to address this
issue from a more... philisophical approach, in an attempt to head off
this disturbing trend that I think doesn't jive with the purpose of a
full-disclosure list.
</OPINION>

adam.

--
Adam Muntner
Systems Engineer, AlienZoo Inc.
adam () alienzoo com
(602)850-3262

Current thread:

CASL & IP Options Gabe Kostolny (Jul 11)
- Re: CASL & IP Options Pedro Quintanilha (Jul 12)
- eEye Digital Security ports nmap to Windows NT Marc (Jul 13)
- Nokia 7110 Wap Browser Hole Aidan O'Kelly (Jul 13)
- core dump mount ararat blossom (Jul 13)
  - Re: core dump Leon Breedt (Jul 13)
  - Re: core dump Kev (Jul 13)
  - Re: core dump Tymm Twillman (Jul 13)
  - Re: core dump Bluefish (Jul 14)
  - Denials of Service Attacks J. Oquendo (Jul 16)
    - Re: Denials of Service Attacks Adam Muntner (Jul 18)
  - Re: core dump Javier Abdul Córdoba Gándara (Jul 17)
  - IIS anonymous user - who? Chris Erasmus (Jul 17)
    - Re: IIS anonymous user - who? Bill Pennington (Jul 18)
  - [Paper] Format bugs. Pascal Bouchareine (Jul 18)
  - IE Script Vul. Frank Town (Jul 18)