OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: John (johnsTAMPABAY.RR.COM)
Date: Sat Feb 17 2001 - 13:14:02 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    To my knowledge I thought Napatha was released on Jan. 27th 2001 by
    Robert Keves. I saw it released on Packet Storm but, I did not see it on
    Security Focus (or am I blind ;) ). Here is the description as follows
    below.

    naptha-1.1.tgz 5371 Jan 27 01:16:18 2001
    Naptha v1.1 is a denial of service attack against many OS's which uses
    established TCP connections to create a resource starvation attack. Includes
    three tools - bogusarp makes a bogus entry in the router's arp cache so it
    actually puts packets with our faked source address on the Ethernet,
    synsend,
    and srvr which replaces ackfin from Naptha 1.0. Tested against Windows 95,
    98 and NT4 and more. Compiles on Linux 2.2.x, OpenBSD 2.7, FreeBSD 4.0.
    Homepage: http://razor.bindview.com. By Robert Keyes

    I have not tested this as I have not had the time to do so since the
    release.

    http://packetstorm.securify.com/0101-exploits/naptha-1.1.tgz
    http://razor.bindview.com/
    bkeyesrazor.bindview.com

    ----- Original Message -----
    From: Helios Security (Helisec) <NIKEBOYRETEMAIL.ES>
    To: <VULN-DEVSECURITYFOCUS.COM>
    Sent: Saturday, February 17, 2001 11:40 AM
    Subject: [kiss from Helisec] : testing sinn

    : i have tried sinn between two machines of my network. this is what i got:
    :
    :
    : my_host:/users/Personal/docs/naphta#./sinnd 10.0.0.1 10.0.0.2 21 eth0
    :
    : my_host:/users/Personal/docs/naphta# ./sinn 10.0.0.1 21 10.0.0.2 21 1000
    : Creating 1000 connections
    : 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
    28
    : 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53
    ...
    :
    : my_host:/home$ ftp 10.0.0.2
    : ftp: connect: Connection refused
    : ftp>
    :
    : and the victim host didnt recover till i rebooted
    :
    : at first, i thought sinn and sinnd were working just fine, but after that
    i
    : tried not to run sinnd and repeat the attack with sinn, and got same
    results.
    : finally, i tried a little shell script that opened multiple connections to
    : ftp port, and same results. so, nothing to do with sinn.
    :
    : we'll have to wait till naphta is released :)
    :
    : _kiss_