Preface: SynDrop attackLogo -Internet Security Systems

SynDrop attack
advICE :Intrusions : 2000005
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

Dangerous IP fragment overlap generated by the syndrop program. Your operating system may become unstable or crash.

Details

Fixes are available for most operating systems - consult your operating system vendor for more information, or look at the CERT and Microsoft Advisories on this subject.

The source address is likely to be spoofed. This means that the sender of the frame is probably not using his actual source address, and is pretending to be someone else. Unfortunately, there is no easy way to determine who is actually sending spoofed frames.

 more information
BugtraqID: 376   Linux IP Fragment Overlap Vulnerability
 
BugtraqID: 543   Linux IPChains Fragment Overlap Vulnerability
 
advICE: spoofing  
 

 parametric information
expectedThe expected value of the fragment offset.
offsetThe actual value of the fragment offset.
lengthThe length of the fragment.

 
Version appeared:
Privacy Policy |  Copyright Info