Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Old-School DoS Attack Can Penetrate XP SP2



 By: Ryan Naraine
2005-03-08
Article Rating:starstarstarstarstar / 1


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Microsoft's newest operating systems can be penetrated by a denial-of-service attack that dates back to 1997. Redmond downplays the threat to customers.

Microsoft Corp.s newest operating systems can be penetrated by an old-school-type denial-of-service attack, according to a warning from a security researcher.

In a SecurityFocus advisory, researcher Dejan Levaja warned that Windows Server 2003 and XP Service Pack 2 (with Windows Firewall turned off) could lead to LAND attacks.

A LAND attack is a remote denial-of-service condition caused by sending a packet to a machine with the source host/port the same as the destination host/port. The LAND attack scenario was discussed in 1997 by Carnegie Mellons CERT Coordination Center.

Resource Library:

Using widely available reverse-engineering tools, Levaja found that a single LAND packet sent to a file server could cause Windows Explorer to freeze on all workstations connected to that server. "CPU on server goes 100% [and] network monitor on the victim server sometimes can not even sniff malicious packet," Levaja warned.

He said the script could be replayed endlessly to cause a total collapse of the network.

A spokeswoman for Microsoft confirmed Levajas findings but downplayed the risk to customers.

"Our initial investigation has revealed that this reported vulnerability cannot be used by an attacker to run malicious software on a computer. At this point, our analysis indicates the impact of a successful attack would be to cause the computer to perform sluggishly for a short period of time," the spokeswoman said in a statement sent to eWEEK.com.

For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog.

She said customers running the Windows Firewall, enabled by default on Windows XP SP2, are not impacted by this issue. Microsoft suggests that customers adopt TCP/IP hardening practices to protect against denial-of-service attacks.

In the absence of a patch from Microsoft, security research outfit Secunia recommends that affected users filter traffic with the same IP address as source and destination address.

Check out eWEEK.coms for the latest security news, reviews and analysis.



  Reader Comments: Old-School DoS Attack Can Penetrate XP SP2
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Ryan Naraine
 


x}kw"Z 9;;n 6a6ކgr]ttnl39YOx$GHf;N=JRT*Jo^ȹ kB.ܤ$;G}]zg{/K$[_@1(ː펨[(29 }4 1!|f ẍ=>b9o;| `OS{S uɔ_oلx>}nnb bhY#bQm x#x¤%#85ѺAQ9ijMcT#Ayc%B}{&g;1,, D%h1Qe30w{/<Pcw-̪rdx/S֡(v2%vn@Z #LHȾBwo=d;3{ -XdUZD b%Cc7`wh S*PVf0;k!tKkc]Ƕ<ۥ#5|CH M}2rH n: 8Ոj16|uӧ$@',ۢ,nO`uؾxۉkϭ.j.8b#*m H&ާ4C}öaK HQndaE6gQ_5M-ZEQjrTU ՚NTȾLÚ?Nnh뭛+%UzѽlGAnnp[^׵Vh\w|jr m + o%&џ@DbJ|m'" ԂNIu_H5](酭~Zj^SW\*aZ츆G`%pbQUrnNgSK׺nw[:p|n!|#9Ġ˚PBb E+5Ro9;yi_vnsMN['.g{:Wh6 ?)N\mUVn6O|w3Q&sZC4<[TUIͼCbs|"Sj]}<>o$7Y>흒_>. !=W<nr2C2qlw"beQc5s#aM<`~xƈmȌcPu tZC;J|NjZR}}G_HQ_'X]w P3Z$23]X MHأkM`3R`_S A̗V.``(A/g- 5t*軨(qf1;A0<7*_\@ 2 p*^̆tqv^nWՉ:YX^uefjZn]fp޾k[Yx:%ݫe.Zn} 8^$glh|*$]ezrcZԷWrGdR+@E*߂* rMGL%a e sn(CZG>̩a>-+>D#ʠ:광b{\ _N @sՇ{v4A.dz\H rXbD=HzFH$>6ZЉl׃@%'A ϛu%09{ ɝ5z9P5ݻi{y1Cդw;Tfg,u]P{2c:GX[ S&x KG!% q0yzOEإi/&BD(jH !Alq [ķ hxd+ ~Cy5y"!bXk"['5XxB#ܞ}X|(PύVb!b -xkb|)l eX&zpfBd '$Xr`Y \+|)l l[6蛅RӴjj4nMhЀ-Gn]]y9"M؂ɩ* C KXAk~n0H6(Yqa5ÂҊUsξS kԸGX~G7-93,0NᔄWjX-! 2j0}M/Xgu1 :ʑ:,:-\wĶ`弇d:.`>>{B naD`/3Ҫ||=Ꭴm4@>z[.z8 8r!N5kb$ӠCO 6q^i[ſTc˦rkbfTQn^hћAx(LR[k RT{ N-Z WZڄ"JM:P>L2PEɥ% tU2qnQxm {gk+]PWe_Mo }d4vX*EM8X3ld xAFF2`AD}a&$ë =mOyHnS>E|<=\bjbvTS4 ˀQ5vX=Äや_ۄeK,|w0tjb9읯l g}aGlJsWcv9& gƀI8(%!'mwfK ĖAϗ~ܣn{T. {DTe6ff T_lP-xoJD%hWR&4Z@턇gHڸ /|P" 8zx<@*&ODBTFNJ --UEN= =淠qyzI|L< Ksͧ]=1c* *3|oC{@d+|a}ZIUZA-˸AX7rcSFOPxx /Oq}\ryw͆}cTo̟}V}zCmUMwK\ f>%ܧ`SaSFTFh?`72$VG 2cU)WFh3](( H3kpЯ96_&?ZL!'Ic(+pDaQO o8T;'PR*,xeO#cClȂtx!WMU-C `1t.aOS)ĥVt u< _{ M]-WC$ ؈wC 4k 0Y[ ⺪ʾ_i7k}h#RF2A="꣕8lq vt& ZJB5?9k*<ʑ3\wz!Zز\,ۀ V03F_xH]~7NGͤ_#t<'\մbl_4#1s*? \< gg\a+w9e>c'_;JXco!*"t+>;/"}{`kuɛ(.xg@5gDcK:jU-'F&GtEVjIk5W}zKdC|ez%~%Re3>z*ETʃYiŨ =cx{ێ1d}̩7O۷/UU^SG;:9& ߐ@O( ] ?8еqE.c_eUVY1p BM4zH=ʧ|DuQT4r7 \vN9^F̣زme7i m#r[ yxTs%4eD3/l.Gغ<y=PwFyq O)ss[Im'˸݋[ԔuX?Y7Xy*?n3ć)uqTдHw ض\,2fc"hcĽ'RA-KdA\Ey{w:vݹ<" "5~+Ea%4W}ykv-?|<-~71%|˞FIM $ȅ XLpj$9Ĩ}/vC{{<=m_y6 u <8.odhPu.Isͯy%{uD's=BjO"y rBݫ='upi)q&m2䙗G82~qp _z0l%ziR[Ku͉|9kq*D|=x_5g@ܰa45|}XsFwP\wa&`$؏*Xu2ݽ:o~d'eN'" m! D785S*PW2EHqA%N['&' &9xDmnB~<B<Mp<& ]lX{p3[يq'9?$$Ee"S`݅{[s=F nXR7?|KP .Mu>RoRJ"8^y;)~ڲ/܃Y(^HcӾ? zt@It=ǛP'i&.s[G3f-ɔBB4<Q2m؞iYzB,cTcH(PP{I3>etޞ,Hy=Yi@ylZӽK3BJ$eζDė4 zyR#F[xq'Xt!}6PR4XՒoeU! 0>@3`e|>*GCN =4+jZugfܥm sFa:{[T@(NVu2k=-,&]7O>-zόEoIM2х/Ȅ]KԇS6^åC0i[=/P.V=s)k,ڎX>+¿|O4dwDm7;'N9V:E4rO0CݡٿO?eR=KeݖisPKKɘ&BASU-un {jY9sJeWV2{nd+n$Qd1׭ Pdƛ%q-+֐#CՇݷ0}KO85(@k~]epw.ߕC Cz٥-Zϲܢȥ9e9<]-.^Sr>^Ge*u@OKtG]_|Q{,b5o14+ߞLL*wtW耩c O?a"K reNjh?z}3'rX38sH2q&cx2C%wVp. v_!O"%JJ aM)!_Ц ŵaZǴ p8|+؊wf_O5oNւc3Ocpߍ_k ]5p+c[.ěs3[@)ꙷWƭp̢%Klm1hO ˷ٸAƣ3Â]i[CYE*gF94Mrι#Ǿg6Ga1`!]v ODj=8m;rjL إ挺P6^=} {K x".,V]D]nKGъ. l!"S~ ;Ueݓ?z8 CH kּϿ7 /{r^nѻ}')b1^(~rC+ qN0 ^ gXpmsD Ϸm4DDQ&ơ(1xw}L9el!3KV|trܔ'|2vZht $d9z+Cv $v# iэ*⇸<`0ϋ0W}ӭY  }1^)1.=Y7 ߜcMxK\Y ']+ƦU+T'j~~8̻67wˎ@M:}a#NU_SPwWjZ)Ǐjb7'bhBIa3rl&tl}#k]b# Ie)(/j9`F1s%"p$wy(GzRPE; MI堿+B*v]煜m㙾Z:߸K76ax 7 UvwXrg/{JBY8j/lH-T1(Z a _%B|.zυlKа i g ^RO$ԙEW:0 cەnlw&5}X"͓v/H3N+Dr.X -F8}-R|9L K靈$)IU%‹K?f]Ğ#7e_t?fr/ATR.t zĊI%^M!=+~M9W|q`(͍!$JI)(ҕ)1sbP.a.Brxcc˂ /-r_F\!֘+{:쓼P3>޽n//Ó `+pE nAtVǗNJ;\AR סh7 CCذ0"h%*aꫤmLjcr;RD6,Ђm&rr+Ļߌߌߌߌkĭ(jFH6-7:gkRnJݩ |H< u@z^ݔ:$NW:mדԼZ(k:Kp67xcl0S,% <% 5eMhV൑j<ĖbF# b!GTJ ~M X+mFٽ>}ɿYʶVyWSOg{.]QJTA,TmFjEY IH9fy;_ %Mˡr?K=ԡ^5QjV+}t@`ZE=k \[N eM|m b1!g\l*VB5ra#8Ƭ-'ҫyh/,Z(A=]Sԙ$a#R %k[w5f!7v+%-_}$P-wԆnz ~ÐtTša n{Rn`¤B\JL$`%#-` U; 6 eeeek 2.0=X.lX.lph=<|\֯&A0n +(^PO^:7,Ԧ46dF[>Ybs?uj2 MNy 0uLP90.2Zt2\ߒtwcZ䷉N qI cT<%視É{𞃏FvOy$ċ ?mlYhh#\_hTtMv7O4,)# &#6p t"`{!y"~<ٶHRKwKh\fH-)֔j\8Bկp)ytlteh׆wԛr` Ė $)~᰷kcے\Asg߷Am knƅV{7; "Z1r^UrYC-1ϖo;N<ߔ vtKz1!Og]yҿ[!F0|ƀ>Yl~X@Hvj}c!ᥙ!~жej `|F0-c l )0U=|Ȋhkkqd9;V -b%Zz?bc6N;q=6W!s{وj:!TJE:`LӊbqX36GH_: XÕz$⃣݅^#z]aֶ/18w1W 8}j^~i//m~1l;- \ :`0`R2ğUM Þ gPL ÙBtyrEc@d15BksAnǟ=(׌Sٻgsh]*ZPlm!W+H夂,k$V@10{>\z-pbR}Ez7( 3 K?A2yB}jSf vf4 :6MbzH~RJ~n/||ou˯}LE570/X dT(BH5̥ +PxuDoGID=?xf|'|&jI5#⟎Z&2RgOW8$1d @aG1g0DIo;ˣa#6Mq|>_Doo>q.<>ثO e9L3bsWF%1{H J@ 4CX^Qk3"a ^4J716ǜSDRUs.A$ȰS#mz^CGBkGRk=X;Xhfyl +-;sxB(͊NX0L`:{hp:p :fġ@c,*𲧋b{AFЭq612,L 9L΀Tfp]jh XӸHvJ\WjT9 =fhJYTaݸg14TWdF=yԡ8mh##/5K4G1a]2yc_b؈>PPG(0jr/[c21{|<œ>V-V]I5t3g(]!* A '{wn/~ۊ2<=ͭ293f;Rv fbbs>'3B0OyX^M\6LH_+L6mQU1ַg%9ڥ]baILx'SX|-2CNb08} С23?b)_b~mz.+sYl'L5h)mf\6xl rj42q5,<cDU<11t+PHjNTLO0Y\C3 Fg/>QHUA-v 5 ]i_88?AnIa(t&g|L'm c n,rt`w'rX*Zv LJ/tX0+b=8#>> Cd2zޘx8aB3ʊW@7}H[g'ɃdZ∁/e슃L(bNAq4Z C}N.[7V׺ Vž6 }ڎܙ.a,2<k!f,d|֐X ]XVZAfȻ=Ët#lmpjCϓ /#}}8-l \S-rr(G17o޺T<ET/SOa@9P-SbX""b\1XQ?yeMZs Ҏ`AXv\Nc]C1"+dd}tKМ1f;`8mN6E|괯#D[7` 6C?;b<1c\.G>OP" ]ΰ"@[ g o#!\w2%%n4Wp= 9_>lafԟڠ96ՙes1}Oe~tt6c3 gC[eE9Ylb!,cN~ݜ(8&J9 t!/HBzNsj~cPp]a_L'#~\}>k_ۗLpa%FoD湾xQ(3{YybzʜTZ.ͅdEp,iSU8$xG_1=Te8g@׋'a?)Qd;̋ aW~s4{ec8 yzzvtlEv#g%^NW!'(E|qt{r:h) чzQe cs!>['=ҹleJkꋲs !_!הkȿޜJmw ۜ 88m@3Y ~CߧG9C;ޜ>4ڧ)пvJ>ӾLɇSs7?o?)ak\"e" >"\/RyB@)UJk))R 9#a|R )7{B7MJ7@7)_$)ef 5pvs_4SXyV [˳*ȳ);F'^KJs)i3e%_7KQ\J}u9+ƥ&w*Wi[xM}-kkF1j4 b} 5Ru(X2M"6+(21hpWYdcBh b{Heÿ~Wb构u]}\Lz.!{] We[M'ik(s3gqo{42& !,EcbL "%/ܻCz̈n~q) s ҟT=hĽM?|n}=Fu }OqLzu?Oշ]{iRZei3a* 6íEi78rh7oRG<uvN>^{YAi]_6W-hgBK'n"1 ͛Y,Cn,^v&i#(<9)܁>K>@m^̶+j>`9?soxJX6&6neP!IX%MlEݨ'П N>z@Oܙ{KY&3(V ";oR-HGsP{aQrP3 b<ç37r;Hτ[VI׿#|S%/M V1 2d jJrXN$'H`wȼ!ɇBCi$nY?w/ BCոtBrmX 7X1h:!fq`DzqcY|ѷ&F\c/1^60{gNG ړی!IU/ $I[D{Nc,Gl `Arl)Wu Z}0;وXq%fv)we6M6 u;1HBGϙ<T#^0.?􆺉˳{mmbuu7L?/R^ۍYp ǚ1tAuIz!_Fc|(pމi`gĈ/ty$RK]v`t9D<]&dO>6 WJF%ʎ$L)nA_ lɡ>o僇rBlX+.Ġ/>''4wB-xYugmJ퇞mј0_cVP"uWdzԤԶP#dH6=8ʟ6``a?>N@>AыpO`zB=hϑt ̞hqzF߭Uh#MXBÙ|򼮉H Y8[T"?SzGMz1LJ1@b BrvM> J 1&/ă_ g \ zH5|t,EfeS% !mϠb_᥷?sԷe^&M¶5̅+RZs Iˈ? dK,ź cAaQY+YJ>= 6T@|-%{6HDR}F0J'.?es<= j7;3, ˎ0F3)$RxS{FXV?b` \ }wHv#ax:vCAU C 恜0њeߛt4>$(+u`'+~,3v[ś,!Mt0/o9kn>7a$T9ʍ'/Ast+ 6[ '"ۂKuJM>W¹"bRGHǸ[t[ Q~: <Ш1XLavE9b 7MvRmRo#(+Nm41ȞxAؕ#׮< + vf$6ѾapatX  V|޹+no3e_lk4^ma,e۾׎aY&5D3//N \707L{̋luGy%%CbFCa0F;`" 1>GxH>%B6Qry6Irb; g85Z-U%ժ6ѩh^٢C<R3 eNJEh z.t3 pGxv\sp ϩw{_|Iެoe;J zs5EKS&sё/|KmtẉC|r'uW?NA 20t7/'^&@-fZ 3?:1n"j,@V ;)~`x82#^u]cduub(vΡ1.WALaK럢g'}K#yZGľ%R3[jO?Es18C {?3!n.ݦY=r0V= hlVp(^z(06Zڼ%[sdHW (3R=TJZ1sX1:4vx‚;1C<4A9;|caKW ?:SR^)k ΅.2./DCXyr>3!/~ߑ/xEČ:8j{Wr^-WQj{cr*3EVxgұy3(x?PbJ{%c3^}fk~p5-qUb7XnKs"ݓ9 ظ@0~ [tWºòV MtmUD2Sێ87{sA- k|SȻbnX[4_A3R]TvКMv3_ ށ@tF04|@ ]Yq$LA{d`J.ܺevlܳ HM|\- .e%7!x -wXެ5 %!|i[R9R]RӄAŠ= סxU#ٜPx??+'sOEJ?f|ea5UP0~fM_VƿU6<.6>~6Df M[naVcH('`6725Fjtw$^9eQeě^ =}13X+|a hPx7KkR)RS`0T<-V(LV$E9mQ>g F́ЈzkbJm1 b;9&1pHxێZv~BD<*Գvu?1-ט&'=,o~uBf%:D=|MƗsB@XšC~C q{7$*+wVnv1v1> [64R9l'3{쪭eǣC+qd̬;rP2dɗwŔԼ/R]zUZ>`Z+DjnLfq:vlMk8`n.u!NLۣ5Lö#쐠7xp Tށj+&aqeO|B!ث\ރODkA4ɾ>֘g˞tּh><ׇ W-m: J|, s+QMChMIs}w?7O~~xy*M#ZQs}J`borWxA|[uK 5X$l6J}.Txg8@Vʱh"$24AZ3&xc}*y[1CHlo-;k1_\/ehPrqqcJߥLeFѻNڱ dggt2+òE7 dn>