[22548] in bugtraq
Re: Guntella Built-in DoS
daemon@ATHENA.MIT.EDU (Walker Traylor)
Thu Sep 6 19:29:55 2001
Date: Thu, 6 Sep 2001 18:26:27 -0400 (EDT)
From: Walker Traylor <wtraylor@professionalsites.com>
To: Robert Stoll <bob@esr.com>
Cc: <bugtraq@securityfocus.com>
In-Reply-To: <Pine.BSF.4.30.0109061721580.11695-100000@biont.pair.com>
Message-ID: <Pine.BSF.4.30.0109061824510.17920-100000@biont.pair.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Slightly more (and slightly old) info on using Gnutella in a DoS:
http://www.aciri.org/vern/papers/reflectors.CCR.01/
--Walker
> On Thu, 6 Sep 2001, Robert Stoll wrote:
>
> > Hello all,
> > I found what I believe may be a built-in DoS of sorts in Gnutella. For
<snip>
> > The problem is that the software has no way of verifying what values the
> > user has set, which of course can lead to mischief. I can set the
> > advertised IP address and port to arbitrary numbers and the result will be
> > that the target machine will be bombarded with hundreds inbound tcp
> > connections from Guntella clients looking for information. Do this with
> > enough clients and you have a re-incarnation of the old Smurf attack. As of
> > this writing, I have verified this with the Gnotella and LimeWire clients.
> > I will be testing other clients as well but I am confident they will work
> > the same way.
> >
> >
> > Bob...
