Re: denial of service attack possible

Jim Shankland (jas@flyingfox.COM)
Fri, 27 Oct 1995 10:17:01 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Darrell Fuhriman: "Re: denial of service attack possible"
Previous message: Darren Reed: "Re: denial of service attack possible"
Maybe in reply to: Mark Thomas: "denial of service attack possible"
Next in thread: Dr. Frederick B. Cohen: "Re: denial of service attack possible"

[Denial of service possible by remote host putting multiple connections
to a port into the SYN_RCVD state, thereby precluding further
(legitimate) connection attempts.]

It's even worse.  The same thing was done deliberately by Kevin Mitnick
during his packet-spoofing attack on Shimomura's machines in San Diego.
Mitnick put lots of connections into the SYN_RCVD state on machine A,
thereby "jamming" machine A and preventing it from interfering
(by sending RST packets) with his attack on machine B, impersonating
machine A.

Jim Shankland
Flying Fox Computer Systems, Inc.

Next message: Darrell Fuhriman: "Re: denial of service attack possible"
Previous message: Darren Reed: "Re: denial of service attack possible"
Maybe in reply to: Mark Thomas: "denial of service attack possible"
Next in thread: Dr. Frederick B. Cohen: "Re: denial of service attack possible"