1995-09-29 - Re: Hack Microsoft

Header Data

From: Simon Spero <ses@tipper.oit.unc.edu>
To: “Perry E. Metzger” <perry@piermont.com>
Message Hash: 21d7ef6ed43d4fbf1fdbea2d161e8b3891ac6113ed02dfa263294d3650d90005
Message ID: <Pine.SOL.3.91.950929100423.2942B-100000@chivalry>
Reply To: <199509281510.LAA21039@frankenstein.piermont.com>
UTC Datetime: 1995-09-29 17:09:34 UTC
Raw Date: Fri, 29 Sep 95 10:09:34 PDT

Raw message

From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 29 Sep 95 10:09:34 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Hack Microsoft
In-Reply-To: <199509281510.LAA21039@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.950929100423.2942B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Sep 1995, Perry E. Metzger wrote:

> Thats almost an invitation to hack Microsoft's web products, isn't it?

Not a real attack- cos it's just a Denial Of Service, but it is kind of 
amusing... 

Windows NT has an interesting property in its handling of TCP connection 
establishment. NT has a small limit on the maximum size of its listen 
queue - it also handle queue overflow in a different way to BSD derived 
stacks. Instead of just dropping the connection request, and allowing the 
client TCP to retry automatically, NT sends a RST packet that aborts the 
connection. 

Ok, you can shutdown just about anything on the Net right now, and there 
won't be a real defence possible until IPSEC starts getting installed, 
but microsoft makes it much too easy. 

Simon






Thread