Vulnerability Development mailing list archives
Re: [kiss from Helisec] : testing sinn
From: John <johns () TAMPABAY RR COM>
Date: Sat, 17 Feb 2001 14:14:02 -0500
To my knowledge I thought Napatha was released on Jan. 27th 2001 by Robert Keves. I saw it released on Packet Storm but, I did not see it on Security Focus (or am I blind ;) ). Here is the description as follows below. naptha-1.1.tgz 5371 Jan 27 01:16:18 2001 Naptha v1.1 is a denial of service attack against many OS's which uses established TCP connections to create a resource starvation attack. Includes three tools - bogusarp makes a bogus entry in the router's arp cache so it actually puts packets with our faked source address on the Ethernet, synsend, and srvr which replaces ackfin from Naptha 1.0. Tested against Windows 95, 98 and NT4 and more. Compiles on Linux 2.2.x, OpenBSD 2.7, FreeBSD 4.0. Homepage: http://razor.bindview.com. By Robert Keyes I have not tested this as I have not had the time to do so since the release. http://packetstorm.securify.com/0101-exploits/naptha-1.1.tgz http://razor.bindview.com/ bkeyes () razor bindview com ----- Original Message ----- From: Helios Security (Helisec) <NIKEBOY () RETEMAIL ES> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Saturday, February 17, 2001 11:40 AM Subject: [kiss from Helisec] : testing sinn : i have tried sinn between two machines of my network. this is what i got: : : : my_host:/users/Personal/docs/naphta#./sinnd 10.0.0.1 10.0.0.2 21 eth0 : : my_host:/users/Personal/docs/naphta# ./sinn 10.0.0.1 21 10.0.0.2 21 1000 : Creating 1000 connections : 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 : 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 ... : : my_host:/home$ ftp 10.0.0.2 : ftp: connect: Connection refused : ftp> : : and the victim host didnt recover till i rebooted : : at first, i thought sinn and sinnd were working just fine, but after that i : tried not to run sinnd and repeat the attack with sinn, and got same results. : finally, i tried a little shell script that opened multiple connections to : ftp port, and same results. so, nothing to do with sinn. : : we'll have to wait till naphta is released :) : : _kiss_
Current thread:
- [kiss from Helisec] : testing sinn Helios Security (Helisec) (Feb 17)
- Re: [kiss from Helisec] : testing sinn John (Feb 17)
- Naptha's code finally released (was: Re: [kiss from Helisec] : testing sinn) Bruno Morisson (Feb 17)
- Re: Naptha's code finally released (was: Re: [kiss from Helisec] : testing sinn) Simple Nomad (Feb 19)