Re: TCP flood against NetGear FM114P

[Stephen Samuel <samuel () bcgreen com>]

Try putting a snooper (ethereal or even just tcpdump) on the outside of
your netgear (if you have a spare hub handy). From those *extremely*
varied hit counts needed to crash the box, I'm guessing that something
else is needed to trigger a failure besides just massive connects.

It may be a race condition or a specific pattern in sequence nunbers, or....

I'm guessing that you could also crash it with multiple connects *through*
the firewall. That would explain your availability troubles.

Marc Ruef wrote:
>> I've got a lot of availability trouble with my NetGear FM114P. After
.....
> It is interessting that there is no exact value for the success. All of
> them are between the large scale of 4349 and 125802. It's possible to do
> this attack by brute forceing the htaccess password of the web interface
.....
--
Stephen Samuel +1(604)876-0426                samuel () bcgreen com
                   http://www.bcgreen.com/~samuel/
Powerful committed communication, reaching through fear, uncertainty and
doubt to touch the jewel within each person and bring it to life.