[4588] in North American Network Operators' Group
Re: A modest proposal
daemon@ATHENA.MIT.EDU (Robert E. Seastrom)
Wed Sep 18 18:58:33 1996
Date: Wed, 18 Sep 1996 18:54:07 -0400 (EDT)
From: "Robert E. Seastrom" <rs@bifrost.seastrom.com>
To: kcooper@noc.bbn.com
CC: nanog@merit.edu
In-reply-to: <9609181510.ZM11011@noc.bbn.com> (kcooper@noc.bbn.com)
* I haven't used any myself, but apparently there are several software
* packages out there with a pretty graphical front end, complete with
* Hollywood-style "Click to destroy machine" buttons and menus.
*
*Uh huh, right. If you ever actually see anything like this, lemme know.
Ok, RS.
One piece of software is called UpYours! and it's a mailbombing
tool built by a group called "Global kOS" to run over Windows95.
It's got a lovely interface including buttons for "BOMB" "ULTRA"
and "STOP" with an input window for "Countdown" start & stop
How did the topic get changed from packet-spewing attacks to
application-layer attacks? About the only thing UpYours has to do
with synflooding a machine is that they can both generate a bit of
network traffic. Besides, mailbombings are directed at users, not
hosts (though they have a tendency to take down the latter as
collateral damage). Bottom line: mailbombing is just an abuse of
resources, not an "exploit" to kick a machine over; in fact, Sendmail
has circuit breakers in it to keep it from taking down a machine by
sheer load (running out of space in the mail spool is a different
issue). As the unlucky recipient of mailbombing attacks from several
sources including the illustrious Fred Cohen, I have found mailbombing
attacks to be pretty trivial to defend against anyway.
---Rob
