SUN: Re: New Denial of Service Attack on Panix
Allan Chong
allan at bellsouth.net
Thu Oct 3 17:19:00 UTC 1996
Dima Volodin wrote:
>
> Now can I hold my breath waiting for vendors to incorporate this stuff
> into their products? Has anybody heard anything from Sun on this
> matter?
> The latest word going out from their SunService center is that
their engineers are working on it. The cust. support reps at
least seemed to know what it was right off (which means lots of
people have been calling about it)
I've been monkeying about with the ndd settings, but I've had a
hard time getting the exploit code to work. Both neptune (phrack)
and the 2600 code both send the SYN packets (after some work) but
a sniffer shows that both of these don't correctly spoof the IP
address, so RSTs follow the reply.
Does anyone have _simple_ working exploit code for any platform?
I'm going to go ahead and implement the ndd fix, but I'd sure as
heck like to know how much it fixes it.
allan
allan at bellsouth.net
More information about the NANOG
mailing list