Bugtraq: Re: denial of service attack possible

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: denial of service attack possible

From: jas () flyingfox COM (Jim Shankland)
Date: Fri, 27 Oct 1995 10:17:01 -0700


[Denial of service possible by remote host putting multiple connections
to a port into the SYN_RCVD state, thereby precluding further
(legitimate) connection attempts.]

It's even worse.  The same thing was done deliberately by Kevin Mitnick
during his packet-spoofing attack on Shimomura's machines in San Diego.
Mitnick put lots of connections into the SYN_RCVD state on machine A,
thereby "jamming" machine A and preventing it from interfering
(by sending RST packets) with his attack on machine B, impersonating
machine A.

Jim Shankland
Flying Fox Computer Systems, Inc.

By Date By Thread

Current thread:

Re: denial of service attack possible Andrew Gross (Oct 27)
- <Possible follow-ups>
- Re: denial of service attack possible Jim Shankland (Oct 27)
  - Re: denial of service attack possible Dr. Frederick B. Cohen (Oct 27)
  - Sendmail bug. Eduardo E. Silva (Oct 27)
  - New tool available: Netcat *Hobbit* (Oct 28)