?
Solved

Tear Drop, Land Attack, ICMP and UDP flooding

Posted on 2002-06-26
12
Medium Priority
?
2,518 Views
Last Modified: 2007-12-19
What is Tear Drop , Land Attack , ICMP or UDP flooding technic ? and How can I test with which tools or commands ?
0
Comment
Question by:sirator
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 200 total points
ID: 7110041
Tear Drop - sending fragmented packets which force to use negative numbers in TCP/IP software
Land Attack - DoS where sorce IP is equal destinatin IP
ICMP or UDP flooding - sending huge amount of packets to victim (to much to explain details here)
How can I test? - use nmap http://www.nmap.org/
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7119718
>How can I test with which tools or commands ?

If you're looking for the actual attack tools, check google - I cannot (or at least, will not) provide links to them here.  

Or if you cannot wait, just run old versions of ssh, bind, ftp, sendmail, telnet, and portmap servers - the tools will install themselves automatically [chuckle]...

Cheers,
-Jon

P.S.  Thanks ahoffman for your sendmail suggestions - keep up the good work...

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7125167
To be honest these attacks are all old hat now.  Most reputable firewalls stop these by default.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 51

Expert Comment

by:ahoffmann
ID: 7125456
examinations/homework papers are not as up-to-date as firewalls, probably ;-))
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7126138
>examinations/homework papers are not as up-to-date as firewalls, probably ;-))

The best summary of this thought I've heard to date is:

Holy homework questions, batman!

Cheers,
-Jon
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7127129
Jon, can't understand this phrase, just got it verbatim. Think I miss the joke ..
0
 

Author Comment

by:sirator
ID: 7127202
Thanks ahoffmann. Anyway for ICMP or UDP flooding , I heard that , it can be solved by O.S. itself. Really ? and Do you know , how ?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7127251
I only know of Linux (probably BSD too) which can set some counters which are used to deteckt potential floodings.
Solaris also have some rough implementation of this.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7127299
Software can detect potential floodings yes, but in doing so can be DoSsed itself, so best run this sort of thing on firewall platforms that don't even let such traffic through to your internal network.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7127703
cisco has rate limiters that will stop this stuff as well.

ahoffman, I guess you never saw the 60's batman TV show (or the Justice League cartoon in the 80's) - Robin (of Batman and Robin, the comic book characters) would always exclaim:

"Holy <favorite goofy thing>, batman!"

in a really silly manner - true camp.

Cheers,
-Jon
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7127724
Thanks Jon, think we continue this chat in another thread ;-)
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7127778
I thought that's what PAQ's were for hehe (just kidding).

Cheers,
-Jon
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question