Bugtraq mailing list archives
Re: various *lame* DoS attacks
From: puppet () DYNAMSOL COM (puppet)
Date: Sat, 7 Nov 1998 22:22:35 GMT
On Fri, 6 Nov 1998 01:46:17 -0600, you wrote:

The problem with a timeout not shutting down the port was fixed almost a month ago. Spoofing is always a problem, that is why the script was written such that channel takeovers are not possible.

puppet

2) CPU DoS against NukeNabber (NT only?)

I haven't tested this on anything other than Windows NT 4.0 SP3 (Workstation & Server).

How it works: NukeNabber listens on several ports for connections. You can configure it to listen on any port, but the standards are 1080, etc. If you telnet to the port of a machine that NukeNabber is listening on, NukeNabber apparently spawns a process called Report.exe. This process lasts anywhere from 30-90 seconds, and consumes ~100% CPU. The problem with this is fairly obvious. (note: when connecting to a port that NukeNabber is listening on, it's important that you don't type anything. Just let the connection sit and time out.)

Fix: Unsure

Has the author been notified? Yes, about 6 weeks ago. I received no reply.

While we're on the subject of NukeNabber, I'll point something else out. NukeNabber has a nifty feature that establishes a DDE link with an IRC client. (mIRC or pirch) There are scripts written for both clients that have the option to kick/ban any host found to be "nuking" from all the channels that you're oped in, and can also /ignore them. This can become interesting when someone has a version of WinNuke that can spoof a source IP. If a person has the kick/ban/ignore feature active, you can turn them against the people in their channels quite easily. Again, lots of fun to be had here. (I believe the only "nuke" that NukeNabber listens for is a WinNuke.)

---
Get NukeNabber 2.9a & The Cleaner 1.9d @ http://www.dynamsol.com/puppet/
Read the NN FAQ @ http://www.dynamsol.com/puppet/faqs/nnfaq.html
PGP Key ID: B4066BF1
Fingerprint: FF3E 9A24 E08C 69BB C318 F702 FBCF 3DC4 B406 6BF1