Preface: AntiSniff DNS exploitLogo -Internet Security Systems

AntiSniff DNS exploit
advICE :Intrusions : 2000418
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

The AntiSniff program can be exploited by sending a specially crafted DNS frame. If successful, the intruder can execute code on the system which is running AntiSniff.

Details

AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. An intruder could use L0pht AntiSniff to gain information about a network that could be useful in an attack. An attacker could also use L0pht AntiSniff to locate compromised machines that have been placed in promiscuous (sniffing) mode that could be later used by an attacker.

 more information
BugtraqID: 1207   AntiSniff DNS Overflow Vulnerability
 
L0pht/AtStake Research Labs  
AntiSniff Technical Description  
University of Buffalo's Ethernet/MAC FAQ.  
 
RFC1700   IEEE 802 Numbers of Interest
 
RFC1466   Guidelines for Management of IP Address Space RFC 1466
 
DNS  
More about the DNS service.   
 
Version appeared: 2.2
Privacy Policy |  Copyright Info