From: Brian Nesbitt (b.nesbitt at domain am.qub.ac.uk)
Date: Tue 04 May 1999 - 12:38:28 IST
Hi,
> something that would be cool is to automatically run a winnuke,
> teardrop, land, etc.. against anybody who tries to connect to any
> important ports... (evil grin)
I done something like this with almost disasterous consequences.
I used the sentry program and got it to run winnuke, nmap, nestea and
lot of other nasty critters, in addition I altered a few of the
scripts so that the attacks would spoof ip addresses, usually
taking the address of the machine making the port connection. My
problem was that I filtered the auth port on my machine meaning
that any web-servers authenticating my connection would be nuked :)
This got out of hand when I discoverd than nmap was running on one
particular site for almost two weeks. I was throwing almost 10Mbs at
a 128kps line, which couldn't be traced :) During this time the
server in question was almost unreachable to any one else.
I'll not say who it was, I'll be keeping that to myself :)
I've since learnt my lesson and just ipchains to filter traffic.
---------------------------------------
| e-mail: b.nesbitt at domain am.qub.ac.uk |
---------------------------------------
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:04:10 GMT