[2311] in bugtraq
Re: denial of service attack possible
daemon@ATHENA.MIT.EDU (Jim Shankland)
Fri Oct 27 17:03:11 1995
Date: Fri, 27 Oct 1995 10:17:01 -0700
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Jim Shankland <jas@flyingfox.COM>
X-To: BUGTRAQ@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
[Denial of service possible by remote host putting multiple connections
to a port into the SYN_RCVD state, thereby precluding further
(legitimate) connection attempts.]
It's even worse. The same thing was done deliberately by Kevin Mitnick
during his packet-spoofing attack on Shimomura's machines in San Diego.
Mitnick put lots of connections into the SYN_RCVD state on machine A,
thereby "jamming" machine A and preventing it from interfering
(by sending RST packets) with his attack on machine B, impersonating
machine A.
Jim Shankland
Flying Fox Computer Systems, Inc.
