Vulnerability Development mailing list archives

Re: Naptha - New DoS


From: Dug Song <dugsong () MONKEY ORG>
Date: Sun, 10 Dec 2000 16:57:21 -0500

On Sun, Dec 10, 2000 at 09:14:23AM -0600, Simple Nomad wrote:

> Regarding scut's comment that 3wahas already does this -- the answer
> to that is not exactly. Forging just the TCP packets will work to a
> certain extent, forging the generated arp requests as well will
> cause much more effective and quicker resource depletion.

um, i released a simplified version of my "nakji" tool to do just that
back in April, when Stanislav Shalunov published his "netkill" attack.
state-holding attacks against TCP weren't really news then, and they
certainly aren't news now.

        http://www.deja.com/getdoc.xp?AN=616571925

Stanislav did, however, identify some novel ways to maximize the
impact of such an attack by exploiting exceptionally bad failure
modes, including forcing the remote TCP into an indefinite persist
state with pending data for retransmission on a closed window.

i doubt that "NAPTHA" pulls any new tricks, but i've never seen it.

-d.

---
http://www.monkey.org/~dugsong/
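
A defender's view of the persist-state failure mode mentioned in the message above, added here as an example that is not part of the original post or of any tool it names: the script parses socket listings in the layout of Linux `ss -tano` and reports peers that keep several server sockets in the persist timer with unsent data queued. The sample listing is constructed, and the function names and thresholds (`min_probes`, `min_sockets`) are assumptions to tune per host.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of Linux `ss -tano` (documentation addresses).
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:80         0.0.0.0:*
ESTAB  0      14480  192.0.2.10:80      198.51.100.7:40112 timer:(persist,4.2sec,5)
ESTAB  0      14480  192.0.2.10:80      198.51.100.7:40113 timer:(persist,9.8sec,6)
ESTAB  0      7240   192.0.2.10:80      198.51.100.7:40114 timer:(persist,2.1sec,4)
ESTAB  0      2896   192.0.2.10:80      203.0.113.9:51822  timer:(persist,0.4sec,1)
ESTAB  0      1448   192.0.2.10:80      203.0.113.20:33010 timer:(on,0.2sec,0)
ESTAB  0      0      192.0.2.10:22      203.0.113.30:60122 timer:(keepalive,119min,0)
"""

ROW = re.compile(
    r"^(?P<state>\S+)\s+(?P<recvq>\d+)\s+(?P<sendq>\d+)\s+(?P<local>\S+)\s+(?P<peer>\S+)"
    r"(?:\s+timer:\((?P<timer>\w+),[^,]+,(?P<probes>\d+)\))?"
)

def stalled_by_peer(text, min_probes=3):
    """Map peer host -> (sockets, queued bytes) for sockets stuck in persist.

    A socket counts when it has unsent data queued (Send-Q > 0), the persist
    timer is running (the peer advertised a zero window) and at least
    min_probes window probes have gone out without the window reopening.
    """
    held = defaultdict(lambda: [0, 0])
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m or m["timer"] != "persist":
            continue  # header, listeners, and sockets on other timers
        sendq, probes = int(m["sendq"]), int(m["probes"])
        if sendq > 0 and probes >= min_probes:
            host = m["peer"].rsplit(":", 1)[0]  # keeps bracketed IPv6 intact
            held[host][0] += 1
            held[host][1] += sendq
    return {h: tuple(v) for h, v in held.items()}

def suspects(text, min_sockets=3, min_probes=3):
    """Peers holding at least min_sockets server sockets in persist state."""
    stalled = stalled_by_peer(text, min_probes)
    return sorted(h for h, (n, _) in stalled.items() if n >= min_sockets)

if __name__ == "__main__":
    for host, (n, queued) in stalled_by_peer(SAMPLE).items():
        print(f"{host}: {n} sockets in persist, {queued} bytes pinned")
```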

