HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 98 guests and 3 members online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Malwarearrow New DOS Attack Is a Killer.. (from Dark Reading)
EH-Net
February 10, 2012, 08:19:40 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: New DOS Attack Is a Killer.. (from Dark Reading)  (Read 5646 times)
0 Members and 1 Guest are viewing this topic.
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 385



View Profile WWW
« on: October 01, 2008, 09:18:17 AM »
Quote
Things are a-brewin’ in Sweden. Sweden is not just home of the infamous bikini team, it is also the home of Outpost 24, an equally sexy software-as-a-service network scanning service, and the employer of my friend Robert E. Lee and his colleague Jack C. Louis. These guys are the inventors of UnicornScan, a user-land TCP stack turned into a port scanner and a new tool "sockstress" anbd it could cause some real issues on the internet!

http://www.darkreading.com/blog.asp?blog_sectionid=403&doc_id=164939

A new kind of attack that was found by Mr. Lee & Mr. Louis (well back in 2005) and will be demo'ed soon at upcoming T2 conference in Helsinki.

MP3 interview here (Enginsh played 5 minutes in) http://debeveiligingsupdate.nl/audio/bevupd_0003.mp3

The tool's name is "sockstress" and is not going to be released since the vendors of affected TCP stacks have not fixed them yet.

Robert E Lee's Blog: http://blog.robertlee.name/


If this is true and is released there could be sme real issues for all of the internet.

Cheers,

Brian
« Last Edit: October 01, 2008, 09:39:09 AM by don » Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 857



View Profile WWW
« Reply #1 on: October 01, 2008, 09:43:47 AM »
Brian,

I read this over at DarkReading earlier today. I'm hoping it's more hype than substance as this could be fairly nasty if it lives up to billing. Can't see too much point in worrying at the moment though, as there aren't enough details release to the mainstream to work on a defence, and supposedly there are no work arounds at the moment.

Think I might start panicking if future developments on this go sour...
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
geekyone
Full Member
***
Offline Offline

Posts: 175



View Profile
« Reply #2 on: October 01, 2008, 04:03:32 PM »
I am really glad they are being responsible about disclosure on this one.  If it is as bad as they say things could get bad quick.  I am definitely with you on this one RR, really hope it is just hype.  I am looking forward to finding out the details as soon as it is patched.
Logged
CISSP, CEH, GPEN, GCIH, GCFA
$w33p3R
Newbie
*
Offline Offline

Posts: 30


View Profile
« Reply #3 on: October 01, 2008, 09:39:04 PM »
Well, I have been the victim of Dos attacks before on servers that I had and I can say first hand they are not fun to experience.  But, I don't think I have ever seen a Dos attack that couldn't be defended against at some level on the network.  I am calling hype until I see proof.
Logged
MCP, CEH
shednik
Jr. Member
**
Offline Offline

Posts: 75


View Profile
« Reply #4 on: October 02, 2008, 11:32:57 AM »
Very interesting there....never fails always something new coming out
Logged
CCNA, MCP, A+, N+

WIP: Masters of Infosec, CEH, & Mastering C
BillV
Hero Member
*****
Offline Offline

Posts: 1790


View Profile WWW
« Reply #5 on: October 02, 2008, 10:18:06 PM »
Thanks, Fyodor.
Logged
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 857



View Profile WWW
« Reply #6 on: October 03, 2008, 04:17:23 AM »
Nice article Bill, thanks for sharing.

It'll be interesting to see how close Fyodor has got once the full details of the 'new' attack are released.
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.191 seconds with 23 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge Training: Build Security Skills to Protect and Defend

offsec_130x200-2_jan-feb2012.png
Offensive Security
AWE Live in the Caribbean!
March 5 - 9, 2012

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: Refer_EHN
Including SANS Phoenix 2012, SANS 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.