[4221] in North American Network Operators' Group
Re: SYN floods (was: does history repeat itself?)
daemon@ATHENA.MIT.EDU (Dima Volodin)
Mon Sep 9 13:49:20 1996
To: c-huegen@quad.quadrunner.com (Craig A. Huegen)
Date: Mon, 9 Sep 1996 13:44:52 -0400 (EDT)
Cc: freedman@netaxs.com, bwatson@genuity.net, nanog@merit.edu
In-Reply-To: <Pine.QUAD.3.94.960909090923.602A-100000@quad.quadrunner.com> from "Craig A. Huegen" at Sep 9, 96 09:13:32 am
From: dvv@sprint.net (Dima Volodin)
It just demonstrates the decline of the US education system one more
time - one doesn't need _any_ programming (apart from a rudimentary
ability to write shell while loops) to do SYN flooding attacks.
Dima
Craig A. Huegen writes:
>
> A friend of mine gave me a photocopy of a page in the latest 2600
> magazine. It was the source code for a SYN flooder on Linux, with a
> description of what it does and a notice on how it can really cause
> denial-of-service attacks.
>
> I can't remember if it also supplied the source for the source-spoof
> kernel patch or not, but it does mention that you should use the
> source-spoof patch to hide your identity.
>
> So, what does this say? Look for more 13-year-olds causing
> denial-of-service attacks for the hell of it. It seems a lot of the
> providers SYN flooders like to attack are the ones which have IRC servers,
> but the flooders attack the more traditional services of those providers,
> too.
>
> /cah
>
> ----
> Craig A. Huegen CCIE || ||
> Network Analyst, IS-Network/Telecom || ||
> cisco Systems, Inc., 250 West Tasman Drive |||| ||||
> San Jose, CA 95134, (408) 526-8104 ..:||||||:..:||||||:..
> email: chuegen@cisco.com c i s c o S y s t e m s
>
>
>
