New Denial of Service Attack on Panix

• Previous message (by thread): New Denial of Service Attack on Panix
• Next message (by thread): New Denial of Service Attack on Panix
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

   (2) Using documented stochastic methods, look for the hidden
       pattern in the pseudo-random sequences.  There are computer
       programs to do this, sorry, I would have to do a search to
       find one (the exist, however);

Watch out for this step, it's a doozey.

The attacker could be using a non-cryptographic random number
generator (like rand() or random()), but if he had a clue, he would be
using a cryptographic random number generator based on DES, IDEA, RC4,
etc., to generate the random bitstream to fill the headers.

He could also be using /dev/random on late-model linux systems which
would probably be even harder to reverse-engineer.

					- Bill

• Previous message (by thread): New Denial of Service Attack on Panix
• Next message (by thread): New Denial of Service Attack on Panix
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]