Bugtraq mailing list archives

Re: Denial of service attack against tcpdump
From: don () MAINFRAME DGRC CRC CA (Donald McLachlan)
Date: Sun, 7 May 2000 11:29:04 -0400


It is not the -n option which defeats dnsloop.c, but the -q option.
Running:

        > tcpdump -n host XXX
        tcpdump: listening on hme0

and then from host XXX running dnsloop against that host:

        ./dnsloop YYYY
        dnsloop.c by Hugo Breton (bretonh () pgci ca)
        packet sent to host YYYY

tcpdump reports:

        11:23:33.553624 142.92.38.51.35520 > 142.92.38.223.53: 61094 A?

and is hung.  When they say quiet mode, that means with the -q option.
When run with the -q option, tcpdump reports:

        11:26:16.417969 XXX.35521 > YYYY.domain: udp 18 (DF)

and does not hang.  Problem is you lose most of the useful TCP decoding.
Note the lack of TCP flags, ack and window info.

        11:26:15.053723 YYYY.1022 > XXX.login: tcp 1 (DF)
        11:26:15.054333 XXX.login > YYYY.1022: tcp 1 (DF)

Don


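An added example, not code from the post or from tcpdump: a small Python DNS-question decoder that prints roughly what tcpdump's "61094 A?" line shows, but refuses to chase a DNS name-compression pointer loop and reports an error instead of hanging. That the dnsloop packet works by such a loop is my assumption (the post does not say what the packet contains); the packet layout, the QTYPES table and the two sample queries are constructed here.

```python
import struct

# Assumption (not stated in the post): the hang is a decoder chasing DNS name
# compression pointers without a bound. This decoder keeps a visited set.
QTYPES = {1: "A", 28: "AAAA", 15: "MX"}

def decode_name(pkt: bytes, offset: int):
    """Decode an RFC 1035 name at offset -> (dotted_name, offset_after_name)."""
    labels, seen, pos, end = [], set(), offset, None
    while True:
        if pos >= len(pkt):
            raise ValueError("name runs past end of packet")
        if pos in seen:                     # revisiting an offset == pointer loop
            raise ValueError("compression pointer loop at offset %d" % pos)
        seen.add(pos)
        length = pkt[pos]
        if length == 0:                     # root label terminates the name
            return ".".join(labels), (end if end is not None else pos + 1)
        if length & 0xC0 == 0xC0:           # two-byte compression pointer
            if pos + 1 >= len(pkt):
                raise ValueError("truncated pointer")
            if end is None:                 # caller resumes after the first pointer
                end = pos + 2
            pos = ((length & 0x3F) << 8) | pkt[pos + 1]
            continue
        if length > 63 or pos + 1 + length > len(pkt):
            raise ValueError("bad label length %d" % length)
        labels.append(pkt[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length

def describe_question(pkt: bytes) -> str:
    """Render the first question like tcpdump's '<id> A? name.' or a bracketed error."""
    if len(pkt) < 12:
        return "[truncated header]"
    txid, _flags, qdcount = struct.unpack(">HHH", pkt[:6])
    if qdcount == 0:
        return "%d [no question]" % txid
    try:
        name, off = decode_name(pkt, 12)
        qtype, _qclass = struct.unpack(">HH", pkt[off:off + 4])
    except (ValueError, struct.error) as err:
        return "%d [bad question: %s]" % (txid, err)
    return "%d %s? %s." % (txid, QTYPES.get(qtype, "TYPE%d" % qtype), name)

def build_query(name_bytes: bytes) -> bytes:
    """Constructed sample: 12-byte header (id 0x1234, 1 question) + QNAME + A/IN."""
    return struct.pack(">HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0) + name_bytes + b"\x00\x01\x00\x01"

GOOD_QUERY = build_query(b"\x03www\x07example\x03com\x00")
LOOP_QUERY = build_query(b"\x03www\xc0\x0c")   # pointer back to offset 12: www.www.www...
```

With the loop detected and reported per packet, the capture keeps its full TCP decoding (flags, ack, window) instead of being dropped to -q output.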