HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 20 guests and 1 member online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Malwarearrow New DOS Attack Is a Killer.. (from Dark Reading)
Ethical Hacker Community Forums
January 07, 2009, 08:07:11 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: New DOS Attack Is a Killer.. (from Dark Reading)  (Read 2701 times)
0 Members and 1 Guest are viewing this topic.
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 365



View Profile WWW
« on: October 01, 2008, 09:18:17 AM »
Quote
Things are a-brewin’ in Sweden. Sweden is not just home of the infamous bikini team, it is also the home of Outpost 24, an equally sexy software-as-a-service network scanning service, and the employer of my friend Robert E. Lee and his colleague Jack C. Louis. These guys are the inventors of UnicornScan, a user-land TCP stack turned into a port scanner and a new tool "sockstress" anbd it could cause some real issues on the internet!

http://www.darkreading.com/blog.asp?blog_sectionid=403&doc_id=164939

A new kind of attack that was found by Mr. Lee & Mr. Louis (well back in 2005) and will be demo'ed soon at upcoming T2 conference in Helsinki.

MP3 interview here (Enginsh played 5 minutes in) http://debeveiligingsupdate.nl/audio/bevupd_0003.mp3

The tool's name is "sockstress" and is not going to be released since the vendors of affected TCP stacks have not fixed them yet.

Robert E Lee's Blog: http://blog.robertlee.name/


If this is true and is released there could be sme real issues for all of the internet.

Cheers,

Brian
« Last Edit: October 01, 2008, 09:39:09 AM by don » Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
RoleReversal
Hero Member
*****
Offline Offline

Posts: 507


View Profile WWW
« Reply #1 on: October 01, 2008, 09:43:47 AM »
Brian,

I read this over at DarkReading earlier today. I'm hoping it's more hype than substance as this could be fairly nasty if it lives up to billing. Can't see too much point in worrying at the moment though, as there aren't enough details release to the mainstream to work on a defence, and supposedly there are no work arounds at the moment.

Think I might start panicking if future developments on this go sour...
Logged
A little bit of sanity:
http://www.infosanity.co.uk
geekyone
Full Member
***
Offline Offline

Posts: 132



View Profile
« Reply #2 on: October 01, 2008, 04:03:32 PM »
I am really glad they are being responsible about disclosure on this one.  If it is as bad as they say things could get bad quick.  I am definitely with you on this one RR, really hope it is just hype.  I am looking forward to finding out the details as soon as it is patched.
Logged
CISSP, CEH, GPEN, GCIH
$w33p3R
Newbie
*
Offline Offline

Posts: 30


View Profile
« Reply #3 on: October 01, 2008, 09:39:04 PM »
Well, I have been the victim of Dos attacks before on servers that I had and I can say first hand they are not fun to experience.  But, I don't think I have ever seen a Dos attack that couldn't be defended against at some level on the network.  I am calling hype until I see proof.
Logged
MCP, CEH
shednik
Jr. Member
**
Offline Offline

Posts: 64


View Profile
« Reply #4 on: October 02, 2008, 11:32:57 AM »
Very interesting there....never fails always something new coming out
Logged
CCNA, MCP, A+, N+

WIP: Masters of Infosec, CEH, & Mastering C
BillV
Hero Member
*****
Offline Offline

Posts: 881


View Profile
« Reply #5 on: October 02, 2008, 10:18:06 PM »
Thanks, Fyodor.
Logged
RoleReversal
Hero Member
*****
Offline Offline

Posts: 507


View Profile WWW
« Reply #6 on: October 03, 2008, 04:17:23 AM »
Nice article Bill, thanks for sharing.

It'll be interesting to see how close Fyodor has got once the full details of the 'new' attack are released.
Logged
A little bit of sanity:
http://www.infosanity.co.uk
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.039 seconds with 23 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
How many security events including conferences and training do you attend a year:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2009 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.