Re: Guntella Built-in DoS

From: Walker Traylor (wtraylorat_private)
Date: Thu Sep 06 2001 - 15:26:27 PDT

Next message: X-Force: "ISS Alert: Multiple Vendor IDS Unicode Bypass Vulnerability"

Previous message: Brian Smith: "Re: Guntella Built-in DoS"
Next in thread: Steven M. Bellovin: "Re: Guntella Built-in DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Slightly more (and slightly old) info on using Gnutella in a DoS:

 http://www.aciri.org/vern/papers/reflectors.CCR.01/

--Walker

> On Thu, 6 Sep 2001, Robert Stoll wrote:
>
> > Hello all,
> >    I found what I believe may be a built-in DoS of sorts in Gnutella.  For

<snip>

> >    The problem is that the software has no way of verifying what values the
> > user has set, which of course can lead to mischief.  I can set the
> > advertised IP address and port to arbitrary numbers and the result will be
> > that the target machine will be bombarded with hundreds inbound tcp
> > connections from Guntella clients looking for information.  Do this with
> > enough clients and you have a re-incarnation of the old Smurf attack.  As of
> > this writing, I have verified this with the Gnotella and LimeWire clients.
> > I will be testing other clients as well but I am confident they will work
> > the same way.
> >
> >
> > Bob...

Next message: X-Force: "ISS Alert: Multiple Vendor IDS Unicode Bypass Vulnerability"
Previous message: Brian Smith: "Re: Guntella Built-in DoS"
Next in thread: Steven M. Bellovin: "Re: Guntella Built-in DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 16:27:04 PDT