Introduction to TCP/IP.
That means packets! Datagrams! Ping oversize packet denial of service
exploit explained. But this hack is a lot less mostly harmless than most. Don't
try this at home...
____________________________________________________________
If you have been on the Happy Hacker list for a while, you've been getting some
items forwarded from the Bugtraq list on a new ping packet exploit.

Now if this has been sounding like gibberish to you, relax. It is really very
simple. In fact, it is so simple that if you use Windows 95, by the time you
finish this article you will know a simple, one-line command that you could use
to crash many Internet hosts and routers.
*************************************************
YOU CAN GO TO JAIL WARNING: This time I'm not going to implore the wannabe evil
genius types on this list to be virtuous and resist the temptation to misuse
the information I'm about to give them. See if I care! If one of those guys
gets caught crashing thousands of Internet hosts and routers, not only will
they go to jail and get a big fine, we'll all think he or she is a dork. This
exploit is a no-brainer, one-line command from Windows 95. Yeah, the operating
system that is designed for clueless morons. So there is nothing elite about
this hack. What is elite is being able to thwart this attack.
**************************************************
**************************************************
NEWBIE NOTE: If packets, datagrams, and TCP/IP aren't exactly your bosom
buddies yet, believe me, you need to really get in bed with them in order to
call yourself a hacker. So hang in here for some technical stuff. When we are
done, you'll have the satisfaction of knowing you could wreak havoc on the
Internet, but are too elite to do so.

A packet is a way to send information electronically that keeps out errors. The
idea is that no transmission technology is perfect. Have you ever played the
game "telephone"? You get a dozen or so people in a circle and the first person
whispers a message to the second. Something like "The bun is the lowest form of
wheat." The second person whispers to the third, "A bum is the lowest form of
cheating." The third whispers, "Rum is the lowest form of drinking." And so on.
It's really fun to find out how far the message can mutate as it goes around
the circle.

But when, for example, you get email, you would prefer that it isn't messed up.
So the computer that sends the email breaks it up into little pieces called
datagrams. Then it wraps things around each datagram that tell what computer it
needs to go to, where it came from, and that check whether the datagram might
have been garbled. These wrapped up datagram packages are called "packets."

Now if the computer sending email to you were to package a really long message
into just one packet, chances are pretty high that it will get messed up while
on its way to the other computer. Bit burps. So when the receiving computer
checks the packet and finds that it got messed up, it will throw it away and
tell the other computer to send it again. It could take a long time until this
giant packet gets through intact.

But if the message is broken into a lot of little pieces and wrapped up into
bunches of packets, most of them will be good and the receiving computer will
keep them. It will then tell the sending computer to retransmit just the
packets that messed up. Then when all the pieces finally get there, the
receiving computer puts them together in the right order and lo and behold,
there is the complete, error-free email.

TCP/IP stands for Transmission Control Protocol/Internet Protocol. It tells
computers that are hooked up to the Internet how to package up messages into
packets and how to read these packets from other computers. Ping uses TCP/IP to
make its packets.
**********************************************
"Ping" is a command that sends a feeler out from your computer to another
computer to see if it is turned on and hooked to the same network you are on.
On the Internet there are some ten million computers that you can ping.

Ping is a command you can give, for example, from the Unix, Windows 95 and
Windows NT operating systems. It is part of the Internet Control Message
Protocol (ICMP), which is used to troubleshoot TCP/IP networks. What it does is
tell a remote computer to echo back a ping. So if you get your ping back, you
know that computer is alive. Furthermore, some forms of the ping command will
also tell you how long it takes for a message to go out to that computer and
come back again.

But how does your computer know that the ping it just sent out actually echoed
back from the targeted computer? The datagram is the answer. The ping sent out
a datagram. If the returning ping holds this same datagram, you know it was
your ping that just echoed back.
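
The echo check described above, together with the "check whether the datagram
might have been garbled" step from the packet discussion, as an added example
(not part of the original article). It builds ICMP echo messages in memory and
sends nothing; the identifier, sequence number and payload are constructed
values.

```python
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """ICMP echo message: type, code, checksum, identifier, sequence, data."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + payload

def match_reply(request: bytes, reply: bytes) -> str:
    """Return 'match', or the reason the reply is not accepted as ours."""
    if len(reply) < 8:
        return "truncated"
    if inet_checksum(reply) != 0:           # a valid message sums to zero
        return "bad checksum"
    r_type, r_code, _, r_id, r_seq = struct.unpack("!BBHHH", reply[:8])
    _, _, _, q_id, q_seq = struct.unpack("!BBHHH", request[:8])
    if r_type != ECHO_REPLY or r_code != 0:
        return "not an echo reply"
    if (r_id, r_seq) != (q_id, q_seq):
        return "someone else's ping"
    if reply[8:] != request[8:]:            # the echoed datagram must be ours
        return "payload differs"
    return "match"

# Constructed sample messages (no network traffic involved)
REQUEST = build_icmp(ECHO_REQUEST, 0x1234, 1, b"abcdefgh")
GOOD_REPLY = build_icmp(ECHO_REPLY, 0x1234, 1, b"abcdefgh")
OTHER_REPLY = build_icmp(ECHO_REPLY, 0x9999, 1, b"abcdefgh")
GARBLED = GOOD_REPLY[:-1] + bytes([GOOD_REPLY[-1] ^ 0x01])  # one flipped bit

if __name__ == "__main__":
    for name, msg in [("good", GOOD_REPLY), ("other", OTHER_REPLY),
                      ("garbled", GARBLED)]:
        print(name, "->", match_reply(REQUEST, msg))
```
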
The basic format of this command is simply:

ping hostname

where "hostname" is the Internet address of the computer you want to check out.

When I give this command from Sun Release 4.1 Unix, I get the answer "hostname
is alive."
**************************************
TECHNICAL TIP: Because of the destructive powers of ping, many Internet Service
Providers hide the ping program in their shell accounts where clueless newbies
can't get their hands on it. If your shell account says "command not found"
when you enter the ping command, try:

/usr/etc/ping hostname

If this doesn't work, either try the command "whereis ping" or complain to your
ISP's tech support. They may have disabled ping for ordinary users, but if you
convince tech support you are a good Internet citizen they may let you use it.
***************************************
****************************************
NEWBIE NOTE: You say you can't find a way to ping from your on-line service?
That may be because you don't have a shell account. But there is one thing you
really need in order to hack: A SHELL ACCOUNT!!!!

The reason hackers make fun of people with America Online accounts is because
that ISP doesn't give out shell accounts. This is because America Online wants
you to be good boys and girls and not hack!

A "shell account" is an Internet account in which your computer becomes a
terminal of one of your ISP's host computers. Once you are in the "shell" you
can give commands to the operating system (which is usually Unix) just like you
were sitting there at the console of one of your ISP's hosts.

You may already have a shell account but just not know how to log on to it.
Call tech support with your ISP to find out whether you have one, and how to
get on it.
***************************************
There are all sorts of fancy variations on the ping command. And, guess what,
whenever there is a command you give over the Internet that has lots of
variations, you can just about count on there being something hackable in
there. Muhahaha!

The flood ping is a simple example. If your operating system will let you get
away with giving the command:

-> ping -f hostname

it sends out a veritable flood of pings, as fast as your ISP's host machine can
make them. This keeps the host you've targeted so busy echoing back your pings
that it can do little else. It also puts a heavy load on the network.

Hackers with primitive skill levels will sometimes get together and use several
of their computers at once to simultaneously ping some victim's Internet host
computer. This will generally keep the victim's computer too busy to do
anything else. It may even crash. However, the down side (from the attackers'
viewpoint) is that it keeps the attackers' computers tied up, too.
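
From the defender's side, both cases above (one flooder, and several hosts
pinging one victim together) show up as echo-request rates. This is an added
example, not from the original article: the record format, addresses and
thresholds are assumptions, and the traffic is constructed.

```python
from collections import defaultdict, deque

def find_echo_floods(packets, window=1.0, per_source=50, per_target=200):
    """Scan time-ordered (ts, src, dst, icmp_type) records for echo floods.

    Returns (noisy_sources, swamped_targets): sources sending more than
    per_source echo requests inside any `window` seconds, and targets that
    receive more than per_target from all sources combined, mapped to the
    senders involved. Thresholds are assumed defaults; tune them to the link.
    """
    by_src, by_dst = defaultdict(deque), defaultdict(deque)
    noisy, swamped = set(), {}
    for ts, src, dst, icmp_type in packets:
        if icmp_type != 8:                  # only echo requests count
            continue
        for table, key in ((by_src, src), (by_dst, dst)):
            q = table[key]
            q.append((ts, src))
            while q and ts - q[0][0] > window:   # slide the window forward
                q.popleft()
        if len(by_src[src]) > per_source:
            noisy.add(src)
        if len(by_dst[dst]) > per_target:
            swamped.setdefault(dst, set()).update(s for _, s in by_dst[dst])
    return noisy, swamped

def sample_traffic():
    """Constructed records using documentation address ranges."""
    pkts = [(float(i), "192.0.2.10", "198.51.100.5", 8) for i in range(5)]
    # one host sending 300 requests in 0.3 s
    pkts += [(10 + i * 0.001, "192.0.2.66", "198.51.100.7", 8)
             for i in range(300)]
    # five hosts, 45 requests each in under a second, all at one target
    for i in range(45):
        for h in range(1, 6):
            pkts.append((20 + i * 0.02, f"203.0.113.{h}", "198.51.100.9", 8))
    return sorted(pkts)

if __name__ == "__main__":
    noisy, swamped = find_echo_floods(sample_traffic())
    print("noisy sources:", sorted(noisy))
    for target, senders in swamped.items():
        print("swamped:", target, "by", sorted(senders))
```

The group case is the one a per-source limit misses: each of the five hosts
stays under the per-source threshold, and only the per-target count flags it.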
**************************************
NETIQUETTE NOTE: Flood pinging a computer is extremely rude. Get caught doing
this and you will be lucky if the worst that happens is your on-line service
provider closes your account. Do this to a serious hacker and you may need an
identity transplant.

If you should start a flood ping kind of by accident, you can shut it off by
holding down the control key and pressing "c" (control-c).
**************************************
*************************************
EVIL GENIUS TIP: Ping yourself! If you are using some sort of Unix, your
operating system will let you use your computer to do just about anything to
itself that it can do to other computers. The network address that takes you
back to your own host computer is localhost (or 127.0.0.1).