|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: New Denial of Service Attack on Panix
(2) Using documented stochastic methods, look for the hidden
pattern in the pseudo-random sequences. There are computer
programs to do this, sorry, I would have to do a search to
find one (the exist, however);
Watch out for this step, it's a doozey.
The attacker could be using a non-cryptographic random number
generator (like rand() or random()), but if he had a clue, he would be
using a cryptographic random number generator based on DES, IDEA, RC4,
etc., to generate the random bitstream to fill the headers.
He could also be using /dev/random on late-model linux systems which
would probably be even harder to reverse-engineer.
- Bill
- - - - - - - - - - - - - - - - -
|