Eicon Networks S92 Bedienungsanleitung PDF herunterladen (Seite 199)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 199

andSmurfstyleattacks,aswellasprovidingan"ondemand"rootshellboundtoa

TCPport.…

Thenetwork:attacker(s)>client(s)>daemon(s)>victim(s)…

Theattacker(s)controloneormoreclients,eachofwhich cancontrolmanydaemons.

Thedaemonsareallinstructedtocoordinateapacketbasedattackagainstoneor

morevictimsystemsbytheclient.”

74

So,ideally,weourselvesshouldactastheattackerswhocontroltheclientsatthe

compromisedsystemstodirectdaemonsrunningontheamplifiers.

BelowisthesyntaxoftheoriginalTFN:

[tribefloodnetwork]    (c)1999byMixter

usage:./tfn   [ip][port]

containsalistofnumericalhoststhatarereadytoflood

1forspoofmasktype(specify03),2forpacketsize,

is0forstop/status,1forudp,2forsyn,3foricmp,

4tobindarootshell(specifyport)

5tosmurf,firstipistarget,furtheripsarebroadcasts

[ip]         targetip[s],separatedby@ifmorethanone

[port]       mustbegivenforasynflood,0=RANDOM

Theproblemwehavehereis,TFNworkswellonmostLinuxandUnixflavors(such

asSolarisandRedhat),butnotonWindows! Infact,theWintelversioncannotbe

located(wedon’tevenknowif itexists).Ifthecompromisedsystemsare

Windowsbased,wemayhavetoexcludetheminourplan,oruseanothertool

instead.

A SimplerAttack

Insteadofusing TFN,asimplerwaytolaunch smurfattackispossible.Followthe

74

http://staff.washington.edu/dittrich/misc/tfn.analysis

1 2 ... 194 195 196 197 198 199 200 201 202 203 204 ... 208 209

Keine Kommentare

Eicon Networks S92 Bedienungsanleitung Seite 199