Re: NT and Win95 users beware!

Dale E. Reed Jr. ( (no email) )
Sat, 10 May 1997 14:29:47 -0700

Phil Thomas wrote:
> Just to let everyone know, I actually have tested this also, and it
> does
> screw up just about any microsoft based machine. I have called
> microsoft
> about this issue and they are working on a way to resolve this
> problem.
> When and if I acutually get some more details I will post it on this
> list. If anyone would like a copy of the C++ source code and give it a
> try for themselfs, send me a personal email and I will mail you a
> copy.
> >> It is possible to remotely cause denial of service to any windows
> >> 95/NT user. It is done by sending OOB [Out Of Band] data to an
> >> established connection you have with a windows user. NetBIOS [139] seems
> >> to be the most effective since this is a part of windows. Apparently
> >> windows doesn't know how to handle OOB, so it panics and crazy things
> >> happen. I have heard reports of everything from windows dropping carrier
> >> to the entire screen turning white. Windows also sometimes has trouble
> >> handling anything on a network at all after an attack like this. A
> >> reboot fixes whatever damage this causes.

Ok. This says "ESTABLISHED connection". Did the person testing this
have prior authentication to your system? I know how to crash lots of
unix systems if you give me an account on them, and can reak havoc on NT
systems with a NETBIOS connection. But I have to be IN. If you can
forward the source, i'll see about compiling it on NT and see what
on some tests here.

-- Dale E. Reed Jr.  (       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |