Forwarded from: Kelley <securitylists@private> http://www.eweek.com/article2/0,1759,1773958,00.asp By Ryan Naraine March 8, 2005 Microsoft Corp.'s newest operating systems can be penetrated by an old-school-type denial-of-service attack, according to a warning from a security researcher. In a SecurityFocus advisory, researcher Dejan Levaja warned that Windows Server 2003 and XP Service Pack 2 (with Windows Firewall turned off) could lead to LAND attacks. A LAND attack is a remote denial-of-service condition caused by sending a packet to a machine with the source host/port the same as the destination host/port. The LAND attack scenario was discussed in 1997 by Carnegie Mellon's CERT Coordination Center. Using widely available reverse-engineering tools, Levaja found that a single LAND packet sent to a file server could cause Windows Explorer to freeze on all workstations connected to that server. "CPU on server goes 100% [and] network monitor on the victim server sometimes can not even sniff malicious packet," Levaja warned. He said the script could be replayed endlessly to cause a total collapse of the network. A spokeswoman for Microsoft confirmed Levaja's findings but downplayed the risk to customers. "Our initial investigation has revealed that this reported vulnerability cannot be used by an attacker to run malicious software on a computer. At this point, our analysis indicates the impact of a successful attack would be to cause the computer to perform sluggishly for a short period of time," the spokeswoman said in a statement sent to eWEEK.com. She said customers running the Windows Firewall, enabled by default on Windows XP SP2, are not impacted by this issue. Microsoft suggests that customers adopt TCP/IP hardening practices to protect against denial-of-service attacks. In the absence of a patch from Microsoft, security research outfit Secunia recommends that affected users filter traffic with the same IP address as source and destination address. http://www.inkworkswell.com "Be a scribe! Your body will be sleek, your hand will be soft. You are one who sits grandly in your house; your servants answer speedily; beer is poured copiously; all who see you rejoice in good cheer. Happy is the heart of him who writes; he is young each day." --Ptahhotep, Vizier to Isesi, Fifth Egyptian Dynasty, 2300 BC _________________________________________ Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005
This archive was generated by hypermail 2.1.3 : Wed Mar 09 2005 - 06:22:36 PST