lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20050723173522.GB17671@jschipper.dynalias.net>
Date: Sat Jul 23 18:35:29 2005
From: j.schipper at math.uu.nl (Joachim Schipper)
Subject: Snatching IP on LAN,
	how to DoS/block such machines?

On Wed, Jul 20, 2005 at 11:27:17PM +0200, Niklas wrote:
> Oh forgot to mention this is a univeristy, open around the clock, with
> thousands of users with physical access to whatever.
> 
> But I  thank you kindly, Marc No Mad. You really helped out on the subject. :p
> 
> Addon: I don't have access to the  DHCP, or any other central
> services. So we're back the "how do i DoS my clients" on my  subnet,
> based on ip/MAC?
> 
> No 802.1x available here .... probably won't be in 2005....
> 
> /n

There's always the option, though it may be a little more complex than
you intended, of using something like Snort+FlexResp. Load up the p2p
rulesets, modify them to shut down any offending connections.

It won't exactly DoS them, but people will need to do a lot better than
just fire up Kazaa. Of course, good attackers may try all sorts of
sneaky tricks - who are you trying to keep out? The casual p2p user, or
a determined hacker with physical access? The latter is quite difficult.
;-)

(Disclaimer: I've never tried FlexResp...)

		Joachim

Powered by blists - more mailing lists