http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212500752 By Kelly Jackson Higgins DarkReading Dec 16, 2008 A researcher has unleashed a free denial-of-service (DoS) hacking tool for flooding TCP sessions. Called LetDown, the penetration testing tool is part of a larger package of tools called Complemento that was created by Italian researcher Acri Emanuele. "Complemento is a collection of tools that I originally grokked up for my personal toolchain for solving some problems or just for fun," Emanuele wrote in his post announcing the availability of the tools. He also admits having concerns about releasing LetDown to the public. "I had some doubts, because with this tool [it] is possible to crash a server configured in the wrong way using very slow connections, without the need of botnets. A great fun for script kiddies," Emanuele told Dark Reading. "Basically, LetDown is a TCP flooder that completes the three-way handshake and sends a requests to the server without closing the connection," he said. "LetDown is aimed specifically at pen testers and server owners that want to test the resiliency of their networks against DoS attacks in order to properly configure the rules on resource management on their systems." [...] _______________________________________________ Help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.htmlReceived on Thu Dec 18 2008 - 01:28:29 PST
This archive was generated by hypermail 2.2.0 : Thu Dec 18 2008 - 01:43:56 PST