On Fri, 6 Nov 1998 01:46:17 -0600, you wrote:

The problem with a timeout not shutting down the port was fixed almost a
month ago. Spoofing is always a problem, that is why the script was
written such that channel takeovers are not possible.

puppet

>2) CPU DoS against NukeNabber (NT only?)
>
>I haven't tested this on anything other than Windows NT 4.0 SP3
>(Workstation & Server)
>
>How it works:
>
>NukeNabber listens on several ports for connections. You can configure it
>to listen on any port, but the standards are 1080, etc.
>If you telnet to the port of a machine that NukeNabber is listening on,
>NukeNabber apparently spawns a process called Report.exe. This process
>lasts anywhere from 30-90 seconds, and consumes ~100% CPU. The problem
>with this is fairly obvious. (note: when connecting to a port that
>NukeNabber is listening on, it's important that you don't type anything.
>Just let the connection sit and time out.)
>
>Fix:
>
>Unsure
>
>Has the author been notified?
>
>Yes, about 6 weeks ago. I received no reply.
>
>
>While we're on the subject of NukeNabber, I'll point something else out.
>NukeNabber has a nifty feature that establishes a DDE link with an IRC
>client. (mIRC or pirch) There are scripts written for both clients that
>have the option to kick/ban any host found to be "nuking" from all the
>channels that you're oped in, and can also /ignore them. This can become
>interesting when someone has a version of WinNuke that can spoof a source
>IP. If a person has the kick/ban/ignore feature active, you can turn them
>against the people in their channels quite easily. Again, lots of fun to
>be had here. (I believe the only "nuke" that NukeNabber listens for is a
>WinNuke.)

---
Get NukeNabber 2.9a & The Cleaner 1.9d @ http://www.dynamsol.com/puppet/
Read the NN FAQ @ http://www.dynamsol.com/puppet/faqs/nnfaq.html
PGP Key ID: B4066BF1
Fingerprint: FF3E 9A24 E08C 69BB C318 F702 FBCF 3DC4 B406 6BF1