ICMP fragments DOS Attack

V13 v13 at priest.com
Wed Feb 19 15:28:01 EET 2003


On Tuesday 18 February 2003 23:56, Giorgos Keramidas wrote:
> On 2003-02-18 18:54, Evripidis Papakostas <evris at source.gr> wrote:
> > CyberCr33p wrote:
> > >Kapoios mou kanei dos attack stelnontas icmp fragments se enan server
> > >mou. To attack ginetai apo 6-7 diaforetikous servers. Uparxei kapoios
> > >tropos na empodisw na mou trwei bandwidth? H prepei anagkastika na
> > >epikoinwnisw me ton ISP na mou blockaroun autoi ta icmp paketa pou
> > >erxonte pros ton server mou?
> >
> > minor disadvantage:
> > den ksero gia to an glitoseis to attack etsi, pantos xoris icmp paketa,
> > tha steritheis ektos kai tin traceroute
>
> Swstos.
>
> An einai aparaithth h xrhsh tou traceroute, kai prepei opwsdhpote na
> kopoun ta icmp paketa, as mou pei opoios endiaferetai.  Mporei na
> ksebaretho kai na kanw port ta local modifications tou FreeBSD
> traceroute se Linux.  Einai basismena stin ekdosh 1.4.a12 tou
> LBL-traceroute kai epitrepoun anamesa sta alla options opws:
>
> 	% traceroute -P udp host [...]

H traceroute doylevei me udp alla ta replies (ttl exceeded) apo ta opoia 
katalabenei to route einai icmp paketa. Genika to na kopseis ola ta icmp den 
einai kai toso kalh lysi tis perissoteres fores. Synithos arkei na kopseis ta 
icmp-echo alla kai pali den yparxei noima mias kai ayta tha soy erxontai, 
apla den tha ta epeksergazetai to mixanima...

Prosopika protimo tin lysi toy '-m limit' gia ton periorismo ton icmp-echo...

> Giorgos
<<V13>>



More information about the Linux-greek-users mailing list