On Fri, 2001-12-07 at 14:37, c0redump wrote: has anyone test this against Windows XP Professional? or Windows 2000 with PGPNet? i had tested windows XP Professional using nc on a linux machine, doing cat /dev/zero |nc -u target 500 and while : ; do cat /boot/vmlinuz ; done | nc -u target 500 both result on 60 to 90 % cpu usage, but machine keeps responding. same test against a windows 2000 professional with PGPNet instaled gave the same result, 100% CPU Usage. Linux with IPSec Support and ipsec enabled gave high cpu usage too. but nothing with can render the machine unusable. > UDP DoS in Win2k via IKE > > PROBLEM > ======= > A DoS attack can be carried out on Win2k machines running IKE (internet key > exchange) by sending flooding IKE with UDP packets. This can cause the > machine to lock up and render 99% of the CPU. > > EXPLOIT > ====== > Connect to port 500 (IKE) of the Win2k box and start sending UDP packets of > more than 800 bytes continuously. The box will eventually stop responding > and services will be denied due to 99% CPU usage from the packets. > > SOLUTION > ======= > Firewall port 500 off if IPSsec is not in use. > > c0redumpat_private > gridrunat_private > #hacktech @ undernet -- Marcelo Bartsch mbartschat_private # # Failure is not an option. It comes bundled with your Microsoft product. # Fallar no es una opcion. Viene incluido con tu producto Microsoft. # -- Ferenc Mantfeld
This archive was generated by hypermail 2b30 : Wed Dec 12 2001 - 08:56:28 PST