Re: A modest proposal
On Sep 17, 8:04pm, Robert E. Seastrom wrote: * * From: Dalvenjah FoxFire <dalvenjah@dal.net> * * I haven't used any myself, but apparently there are several software * packages out there with a pretty graphical front end, complete with * Hollywood-style "Click to destroy machine" buttons and menus. * *Uh huh, right. If you ever actually see anything like this, lemme know. Ok, RS. One piece of software is called UpYours! and it's a mailbombing tool built by a group called "Global kOS" to run over Windows95. It's got a lovely interface including buttons for "BOMB" "ULTRA" and "STOP" with an input window for "Countdown" start & stop times, a choice of edited or randomized source names, randomized (from a configurable list) mailers to route the bomb through, your message (should you choose to enter one) and a few other variables. You can mailbomb someone directly or subscribe them to as many mailing lists as you set up. It can supposedly spam newsgroups as well. I think they were working on something to implement IP spoofing in the mix as well but I haven't heard whether that went through. If it does, it'll be unfortunate because the primary way we were backtracking was having sites being used as remailers turn on various types of accounting to match time stamps with sources. It was released in June to the particular consternation of those sites whose mailers or mailing lists were used as defaults in the code. It has been implied that this was the tool used to hit a number of well-known reporters, the White House, Congress and several other people, places and things a month or two so ago. It only runs on Windows95 and it crashes a lot and there's more hype than substance but it is comparitively simple to set up and configure and can be used to abuse anyone from a dial-up account. This tool is just the one "GUI-fied" piece of attack software that I've dealt with. I'm fairly sure there are others - simple to set up, simple to configure, available for any idiot to use. Kelly J. -- Kelly J. Cooper Network Operations Security BBN Planet Corporation phone 800-632-7638 150 Cambridge Park Drive fax 617-873-6351 Cambridge, MA 02140 http://www.bbnplanet.com
* I haven't used any myself, but apparently there are several software * packages out there with a pretty graphical front end, complete with * Hollywood-style "Click to destroy machine" buttons and menus. * *Uh huh, right. If you ever actually see anything like this, lemme know. Ok, RS. One piece of software is called UpYours! and it's a mailbombing tool built by a group called "Global kOS" to run over Windows95. It's got a lovely interface including buttons for "BOMB" "ULTRA" and "STOP" with an input window for "Countdown" start & stop How did the topic get changed from packet-spewing attacks to application-layer attacks? About the only thing UpYours has to do with synflooding a machine is that they can both generate a bit of network traffic. Besides, mailbombings are directed at users, not hosts (though they have a tendency to take down the latter as collateral damage). Bottom line: mailbombing is just an abuse of resources, not an "exploit" to kick a machine over; in fact, Sendmail has circuit breakers in it to keep it from taking down a machine by sheer load (running out of space in the mail spool is a different issue). As the unlucky recipient of mailbombing attacks from several sources including the illustrious Fred Cohen, I have found mailbombing attacks to be pretty trivial to defend against anyway. ---Rob
participants (2)
-
Kelly J. Cooper -
Robert E. Seastrom