On Fri, 2001-12-07 at 14:37, c0redump wrote:
has anyone test this against Windows XP Professional? or Windows 2000
with PGPNet?
i had tested windows XP Professional using nc on a linux machine, doing
cat /dev/zero |nc -u target 500
and
while : ; do cat /boot/vmlinuz ; done | nc -u target 500
both result on 60 to 90 % cpu usage, but machine keeps responding. same
test against a windows 2000 professional with PGPNet instaled gave the
same result, 100% CPU Usage.
Linux with IPSec Support and ipsec enabled gave high cpu usage too. but
nothing with can render the machine unusable.
> UDP DoS in Win2k via IKE
>
> PROBLEM
> =======
> A DoS attack can be carried out on Win2k machines running IKE (internet key
> exchange) by sending flooding IKE with UDP packets. This can cause the
> machine to lock up and render 99% of the CPU.
>
> EXPLOIT
> ======
> Connect to port 500 (IKE) of the Win2k box and start sending UDP packets of
> more than 800 bytes continuously. The box will eventually stop responding
> and services will be denied due to 99% CPU usage from the packets.
>
> SOLUTION
> =======
> Firewall port 500 off if IPSsec is not in use.
>
> c0redump@ackers.org.uk
> gridrun@spacebitch.com
> #hacktech @ undernet
--
Marcelo Bartsch
mbartsch@netglobalis.net
#
# Failure is not an option. It comes bundled with your Microsoft
product.
# Fallar no es una opcion. Viene incluido con tu producto Microsoft.
# -- Ferenc Mantfeld
PGP signature
