> -----Original Message-----
> From: Phil Thomas [SMTP:phil@aci.net]
> Sent: Saturday, May 10, 1997 1:53 PM
> To: 'ntisp@emerald.iea.com'
> Cc: 'daler@iea.com'
> Subject: RE: NT and Win95 users beware!
>
> Just to let everyone know, I actually have tested this also, and it
> does
> screw up just about any microsoft based machine. I have called
> microsoft
> about this issue and they are working on a way to resolve this
> problem.
> When and if I acutually get some more details I will post it on this
> list. If anyone would like a copy of the C++ source code and give it a
> try for themselfs, send me a personal email and I will mail you a
> copy.
>
> Phil
>
> >-----Original Message-----
> >From: Josh Hillman [SMTP:hillman@talstar.com]
> >Sent: Saturday, May 10, 1997 11:36 AM
> >To: ntisp@emerald.iea.com
> >Subject: NT and Win95 users beware!
> >Importance: High
> >
> >Nasty little flaw in NT and 95:
> >
> >A friend of mine (who runs a unix-based ISP) forwarded this message
> (at the
> >end) to me a little while ago. I gave him permission to test it
> using my
> >home computer as a guinea pig (telling him what IP address I had
> assigned
> >to me at the time) while running in Windows 95 as well as running in
> NT
> >Server and both times, as soon as he ran the program from his unix
> machine,
> >my computer instantaly produced a "blue screen of death."
> >
> >Windows 95 (4.0.950a):
> >BSOD stating that it might be possible to continue normally after
> hitting
> >any key. After hitting any key, it returned to Win95's explorer
> shell, but
> >all maximize, minimize, restore, scroll-arrow, start button were
> visually
> >missing (video had gotten corrupted.) My dialup networking
> connection was
> >still there, but I couldn't ping any IP addresses anymore.
> >
> >Windows NT Server 4.0 SP2 with the various hot-fixes:
> >BSOD producing a memory dump, then automatically reboots the machine.
>
> >After NT reboots, CPU usages fluctuates erratically and all memory is
> >almost immediately consumed. After I rebooted the machine,
> everything went
> >back to normal.
> >Looking in the MEMORY.DMP file, it dit NOT display the IP address
> where the
> >"hack" originated from.
> >
> >The program used to "kill" the 95 and NT machines was a small C
> program
> >compiled on a Unix system (in this particular case: "SunOS nexus 5.4
> >Generic_101945-43 sun4m sparc") but works on other Unix systems as
> well.
> >
> >Unfortunately, this program was distributed this morning to all those
> that
> >subscribe to "bugtraq@netspace.org".
> >
> >
> >
> >> ---------- Forwarded message ----------
> >> Date: Fri, 9 May 1997 22:11:55 -0400
> >> From: myst <myst@LIGHT-HOUSE.NET>
> >> To: BUGTRAQ@NETSPACE.ORG
> >> Subject: Windows 95/NT DoS
> >>
> >> Hello,
> >>
> >> It is possible to remotely cause denial of service to any
> windows
> >> 95/NT user. It is done by sending OOB [Out Of Band] data to an
> >> established connection you have with a windows user. NetBIOS [139]
> seems
> >> to be the most effective since this is a part of windows.
> Apparently
> >> windows doesn't know how to handle OOB, so it panics and crazy
> things
> >> happen. I have heard reports of everything from windows dropping
> carrier
> >> to the entire screen turning white. Windows also sometimes has
> trouble
> >> handling anything on a network at all after an attack like this. A
> >> reboot fixes whatever damage this causes.
> >
> >
> >
> > ----------------------------------------------------------
> > NTISP Mailing List listserver@emerald.iea.com
> >
>
> ----------------------------------------------------------
> NTISP Mailing List listserver@emerald.iea.com