North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Fwd: stream.c - new FreeBSD exploit?

  • From: Richard Steenbergen
  • Date: Fri Jan 21 00:02:19 2000

On Thu, Jan 20, 2000 at 03:01:51PM -0500, Allan Carscaddon wrote:
> Fresh from BUGTRAQ:

Oh jesus christ. Enough already. This packet generation code was written
by myself approx 5 months ago, for testing purposes. The only difference
between it and other SYN flooders is the code is much cleaner and it is
unfortunantly puts out an order of magnitude more packets per second then
previously existing code (some of which defined "grungy" especially the
crap like synk4 slice and other popular packet kiddie programs). A certain
individual who shall remain nameless at this time decided to release it to
some packet kids 5 months after the fact. There is absolutily nothing new
or interesting about the ack flooding, just pure luck and cooincidence
that said individual was playing around with the flags out of stupidity
and left it as TH_ACK in the ver that got out. The only thing even
slightly interesting is that the code does a much better job of being
efficient, within the limitation that any high packet per second program
entirely in userland using calls to send() will suck no matter what
(doesn't rebuild the entire packet every time only the parts that
change... common sense?). For everyone that cares the person who
originally posted to bugtraq will not be releasing it, and neither will
anyone else, so would everyone put their little packet peckers back in
their pants and move on.

Richard A. Steenbergen <[email protected]>
PGP Key ID: 0x60AB0AD1  (E5 35 10 1D DE 7D 8C A7  09 1C 80 8B AF B9 77 BB)
AboveNet Communications - AboveSecure Network Security Engineer, Vienna VA
"A mind is like a parachute, it works best when open."   -- Unknown