"The most serious of the three Windows XP vulnerabilities is the remotely exploitable buffer overflow. It is possible for an attacker to write custom exploit code that will allow them to execute commands with SYSTEM level access, the highest level of access within Windows XP."
"The other two vulnerabilities are types of denial of service attacks. The first is a fairly straightforward denial of service attack, which allows an attacker to remotely crash any Windows XP system. The crash will require Windows XP users to physically power down their machines and start them up again before the system will function. The second denial of service attack is a distributed denial of service attack. This vulnerability allows attackers to remotely command many Windows XP systems at once in an effort to make them flood/attack a single host."
BO2K - (Back Orifice) -
Back Orifice (often shortened to BO) is a controversial computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location.[1] The name is a word play on Microsoft BackOffice Server software.
Back Orifice was designed with a client-server architecture. A small and unobtrusive server program is installed on one machine, which is remotely manipulated by a client program with a graphical user interface on another computer system. The two components communicate with one another using the TCP and/or UDP network protocols. In a reference to the Leet phenomenon, this program commonly runs on port 31337.
The program debuted at DEF CON 6 on August 1, 1998. It was the brainchild of Sir Dystic, a member of the U.S. hacker organization CULT OF THE DEAD COW. According to the group, its purpose was to demonstrate the lack of security in Microsoft's operating system Windows 98.
Although Back Orifice has legitimate purposes, such as remote administration, there are other factors that make it suited for less benign business. The server can hide itself from cursory looks by users of the system. As the server can be installed without user interaction, it can be distributed as payload of a Trojan horse.
For those and other reasons, the antivirus industry immediately categorized the tool as malware and appended Back Orifice to their quarantine lists. Despite this fact, it was widely used by script kiddies because of its simple GUI and ease of installation.
A sequel application, Back Orifice 2000, was released in 1999.
(from Wikipedia)
Bonk Attacks (Bonkbonkbonk)
The Bonk attack is a variation of the now infamous Teardrop attack, and works much like the Boink attack, although it does not allow UDP port ranges. The Bonk attack manipulates a field in TCP/IP packets, called a fragment offset. This field tells a computer how to reconstruct a packet that was broken up (fragmented), because it was too big to transmit in a whole piece. By manipulating this number, the Bonk attack causes the target machine to reassemble a packet that is much too big to be reassembled. This causes the target computer to crash. A simple reboot is usually sufficient to recover from this attack. It is possible that unsaved data in applications open at the time of attack will be lost.
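A defensive check for the fragment-offset problem described above, as an added example that is not part of the original post: it rejects IPv4 fragments whose offset plus length would exceed the maximum datagram size, and goes slightly beyond the Bonk case by also flagging the overlapping fragments that Teardrop relies on. The function names, reason strings and sample headers (documentation addresses 192.0.2.1 and 192.0.2.2) are constructed for illustration.

```python
import struct

MAX_PAYLOAD = 65535 - 20  # largest IPv4 datagram minus the minimum header

def parse_fragment(header):
    """Return (datagram key, payload start, payload end) from an IPv4 header."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, ident, flags_off, _ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", header[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        raise ValueError("malformed IPv4 header")
    start = (flags_off & 0x1FFF) * 8   # fragment offset is counted in 8-byte units
    end = start + (total_len - ihl)    # first byte past this fragment's payload
    return (src, dst, proto, ident), start, end

def check_fragments(headers):
    """Return [(index, reason)] for fragments a reassembler should drop."""
    seen, findings = {}, []            # seen: datagram key -> accepted (start, end)
    for i, hdr in enumerate(headers):
        try:
            key, start, end = parse_fragment(hdr)
        except ValueError as exc:
            findings.append((i, str(exc)))
            continue
        if end > MAX_PAYLOAD:          # reassembly would exceed 65535 bytes
            findings.append((i, "oversize"))
        elif any(start < e and s < end for s, e in seen.get(key, [])):
            findings.append((i, "overlap"))
        else:
            seen.setdefault(key, []).append((start, end))
    return findings

def make_header(ident, offset_units, payload_len, more):
    """Constructed sample input: 20-byte IPv4/UDP header, checksum left at 0."""
    flags_off = (0x2000 if more else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, flags_off,
                       64, 17, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))

SAMPLE = [
    make_header(1, 0, 1480, True),     # normal first fragment, bytes 0..1480
    make_header(1, 185, 520, False),   # normal last fragment, starts at 1480
    make_header(2, 0, 40, True),       # first fragment, bytes 0..40
    make_header(2, 3, 4, False),       # starts at byte 24, inside the previous one
    make_header(3, 8190, 100, False),  # offset 65520 + 100 bytes of payload
]

if __name__ == "__main__":
    print(check_fragments(SAMPLE))
```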
DDoS attacks - (Distributed Denial of Service Attacks) - (CERT)
Teardrop - Any remote user can crash a vulnerable machine.
Land - Any remote user that can send spoofed packets to a host can crash or "hang" that host.
To define:
jolt atk, LAND atk, Nestea atk, POD Atk, Saihyousen atk, snork atk, SYN drop atk, teardrop atk, winnuke, xmas scan, buffer overflows, Zombie bot, trojan, malware.
Additional resources: The New Hacker's Dictionary
(gotta run to store, brb)