OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 3rd quarter (Jul-Sep) 1998: Re: 1+2=3, +++ATH0=Old school DoS

Re: 1+2=3, +++ATH0=Old school DoS

John M. Flinchbaugh (glynisBUTTERFLY.HJSOFT.COM)
Mon, 28 Sep 1998 03:52:40 -0400 

On Mon, 28 Sep 1998, Pete Gonzalez wrote:
> Also, it occurs to me that this vulnerability could possibly be used to
> make the person's modem hang up and dial 911.  :-)

this could be a real problem.  one of the early reports stated that the
attacker managed to take down 30-40% of an irc channel, correct?  so it
seems to be a bit widespread.

this could be used to make the modem dial those long-distance
international pay numbers and such.

and another observation i've noticed in testing this attack.  the victim
machine attampts to send the hangup string, drops it's network connection,
and the response fails to get back to the attacking host.  upon redialing,
the response is again sent when it tries to flush that connection, and the
modem goes offline yet again.  i do not know off hand how long it will do
this, but i witnessed a machine redial nearly 10 times before i finally
just offlined my own computer, so it would not find me and try to send it
again.

another possibility in this little attack would be to reconfigure the
modem, save the new settings, and online the modem again.  could you see a
dial up client being reconfigured to max out at a 2400 baud connection? :)

____________________}John Flinchbaugh{______________________
| -> glynishjsoft.com <-             johncs.millersv.edu |
|    glynisnetrax.net      http://www.hjsoft.com/~glynis/ |
~~Powered by Linux: Reboots are for hardware upgrades only~~