ICMP fragments DOS Attack
Stelios Bounanos
sb at dial.pipex.com
Wed Feb 19 03:16:01 EET 2003
>>>>> On Tue, 18 Feb 2003 23:56:42 +0200, Giorgos Keramidas
>>>>> <keramida at ceid.upatras.gr> was rumoured to have said:
> On 2003-02-18 18:54, Evripidis Papakostas <evris at source.gr> wrote:
>> CyberCr33p wrote:
>> >Kapoios mou kanei dos attack stelnontas icmp fragments se enan server
>> >mou. To attack ginetai apo 6-7 diaforetikous servers. Uparxei kapoios
>> >tropos na empodisw na mou trwei bandwidth? H prepei anagkastika na
>> >epikoinwnisw me ton ISP na mou blockaroun autoi ta icmp paketa pou
>> >erxonte pros ton server mou?
>>
>> minor disadvantage:
>> den ksero gia to an glitoseis to attack etsi, pantos xoris icmp paketa,
>> tha steritheis ektos kai tin traceroute
> Swstos.
> An einai aparaithth h xrhsh tou traceroute, kai prepei opwsdhpote na
> kopoun ta icmp paketa, as mou pei opoios endiaferetai. Mporei na
> ksebaretho kai na kanw port ta local modifications tou FreeBSD
> traceroute se Linux. Einai basismena stin ekdosh 1.4.a12 tou
> LBL-traceroute kai epitrepoun anamesa sta alla options opws:
> % traceroute -P udp host [...]
IIRC to traceroute doyleyei by default me UDP? H ekdosh sto debian
toylaxiston to ICMP to exei san epilogh:
-I Use ICMP ECHO instead of UDP datagrams.
Twra oson afora to dos attack, profanws den exei poly nohma na
blockarei kaneis paketa akribws panw ston proorismo ths epi8eshs :>
Epishs, afhste oloi hsyxa ta aparaithta (gia path mtu discovery klp)
ICMP paketa!
> Giorgos
Rgds,
/-sb.
More information about the Linux-greek-users
mailing list