Re: Win98 Crash?

[vanja () SIAMRELAY COM (Vanja Hrustic)]

At 14:31 25/01/99 -0500, dorqus maximus wrote:
> This oshare.c code may have crashed our Checkpoint Firewall-1, version 3.0b,
> Build Number: 3083. (Sun Sparc, Solaris 2.5.1)

[snip]

Little modification in the source. For example...

----------------------------------------------
ip->ihl         = 22;
ip->frag_off    = htons( -16383 );
----------------------------------------------

Compile, and send heaps of packets ('./oshare x.x.x.x 300' for example) to
local Windows 98/NT box. It should freeze (literally) while packets are
travelling. It recovers after the 'attack' is finished (shouldn't be a big
problem to leave a process in the background that will send packets forever).

This was tested against Windows 98 and Windows NT 4.0 ( 2 Workstations and
1 Server - all with SP4 applied, no post SP4 hotfixes).

*Please*, don't mail me with "It didn't work for me!" - that's why I post
it here, so people can test & make summaries. Play around with source, you
can get interesting effects (and responses from router :). Don't try to
flood NT boxes outside internal network - packets won't get out (they
didn't for me - others could have different results).

It will also affect HP-UX (tested against 10.20), but I didn't get more
than "jumping mouse" effect. Load is higher, but machine is functional.

Linux (2.0.36 and 2.2.0-pre4) was not affected.

(final note: program was compiled and 'initiated' on linux box w/
2.2.0-pre4 kernel)

Regards,
Vanja Hrustic
Information Systems Manager
Siam Relay Ltd.
Phone: +662-713-5130
Fax: +662-713-5132

http://www.siamrelay.com - Siam Relay Ltd. - Security & E-Commerce
http://safer.siamrelay.com - Security Alert For Enterprise Resources