[9364] in bugtraq
Re: More oshare testing.
daemon@ATHENA.MIT.EDU (Dariusz Zmokly)
Fri Feb 5 03:22:02 1999
Date: Fri, 5 Feb 1999 01:03:43 +0100
Reply-To: Dariusz Zmokly <ak8735@BOX43.GNET.PL>
From: Dariusz Zmokly <ak8735@BOX43.GNET.PL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.04.9902022357580.962-100000@bh-ridgway>
Hi !
On Tue, 2 Feb 1999, C.J. Oster wrote:
> While testing the oshare attack a little more, I have found something that
> you may find interresting. Here at the university, many people are
[..]
Here are my observations :)
[ 2 series of attacks each of 20 to 30 trials ]
linux with kernel 2.0.35 against win98 polish version
linux with kernel 2.0.34 against same system another computer
[ Procedure ]
Computer with windows was just started then I tried to send 10000 of
oshare packets to him.
[ Results ]
there is a 50 % chance windows is not vulnerable
25 % chance win would reboot
25 % chance win would show screen with 'Critical error message' then
it would work but doesn't see network
[ Strange thing ]
If windows wasn't vulnerable just after starting computer I found it
sometimes vulnerable. That happend after pinging another computer from
windows box. It looks like performing some network activity on computer
with windows makes it more vulnerable.
greets
globi
/ unix researcher /
/ globi on irc channels #plug, #coders /
