North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

SUN: Re: New Denial of Service Attack on Panix

  • From: Allan Chong
  • Date: Thu Oct 03 14:07:39 1996

Dima Volodin wrote:
> 
> Now can I hold my breath waiting for vendors to incorporate this stuff
> into their products? Has anybody heard anything from Sun on this
> matter?
> The latest word going out from their SunService center is that 
their engineers are working on it.  The cust. support reps at
least seemed to know what it was right off (which means lots of 
people have been calling about it)

I've been monkeying about with the ndd settings, but I've had a
hard time getting the exploit code to work.  Both neptune (phrack)
and the 2600 code both send the SYN packets (after some work) but
a sniffer shows that both of these don't correctly spoof the IP 
address, so RSTs follow the reply.  

Does anyone have _simple_ working exploit code for any platform?

I'm going to go ahead and implement the ndd fix, but I'd sure as
heck like to know how much it fixes it.

allan
[email protected]
- - - - - - - - - - - - - - - - -