terminalillness
July 13th, 2002, 07:02 PM
What is an OOB packet, how does one go about sending one, and how does one go about filtering them out of certain ports so as to stop from being a victim of a DoS Attack.
Click to See Complete Forum and Search --> : Out of Band Packets
Terr
July 15th, 2002, 08:11 AM
In the context that I think you're talking about...
And OOB packet would just be a data chunk that is made in such a way that the recieving system goes 'oops' and messes up somehow due to a bug. If you're talking about a "Win-nuke" or something like that, it is largely fixed. It was basically sending data that the OS doesn't expect which causes a bug to occur which crashes the machine, it's nothing magic, just a mistake in the programming of the recieving machine so that it doesn't act correctly. You should be fine if you have updated Windows 95, 98, NT, 2k, ME, XP or some other OS.
And OOB packet would just be a data chunk that is made in such a way that the recieving system goes 'oops' and messes up somehow due to a bug. If you're talking about a "Win-nuke" or something like that, it is largely fixed. It was basically sending data that the OS doesn't expect which causes a bug to occur which crashes the machine, it's nothing magic, just a mistake in the programming of the recieving machine so that it doesn't act correctly. You should be fine if you have updated Windows 95, 98, NT, 2k, ME, XP or some other OS.
draziw
July 15th, 2002, 01:06 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by terminalillness
What is an OOB packet, how does one go about sending one, and how does one go about filtering them out of certain ports so as to stop from being a victim of a DoS Attack.
OOB packets are sent by setting the OOB flag on the TCP packet - a few databases actually use(d?) them for conveying real data across a network. It was, at one point, an unhandled flag in MS' TCP stack and, as a result, crashed their systems. At this point, updating your system(s) with MS' current patches should be enough to fix the thing.
Just block all unneeded ports and you should be fine (pretty much all inbound ports - there are some small exceptions to that if your firewall isn't stateful (like DNS/UDP, some high port UDP if you use traceroute, etc))
What is an OOB packet, how does one go about sending one, and how does one go about filtering them out of certain ports so as to stop from being a victim of a DoS Attack.
OOB packets are sent by setting the OOB flag on the TCP packet - a few databases actually use(d?) them for conveying real data across a network. It was, at one point, an unhandled flag in MS' TCP stack and, as a result, crashed their systems. At this point, updating your system(s) with MS' current patches should be enough to fix the thing.
Just block all unneeded ports and you should be fine (pretty much all inbound ports - there are some small exceptions to that if your firewall isn't stateful (like DNS/UDP, some high port UDP if you use traceroute, etc))
semp
July 15th, 2002, 05:11 PM
or just d/l a patch http://www.irongate.ch/security/defense.htm
antionline.com
Copyright 2007 Jupitermedia Corporation All Rights Reserved.
Copyright 2007 Jupitermedia Corporation All Rights Reserved.