Help! We're trapped in the computer, and the computer is trapped in 2008! Someone call the time police!
0 Members and 1 Guest are viewing this topic.
TITLE:Microsoft Windows LAND Attack Denial of ServiceSECUNIA ADVISORY ID:SA14512VERIFY ADVISORY:http://secunia.com/advisories/14512/CRITICAL:Less criticalIMPACT:DoSWHERE:>From remoteOPERATING SYSTEM:Microsoft Windows Server 2003 Datacenter Editionhttp://secunia.com/product/1175/Microsoft Windows Server 2003 Enterprise Editionhttp://secunia.com/product/1174/Microsoft Windows Server 2003 Standard Editionhttp://secunia.com/product/1173/Microsoft Windows Server 2003 Web Editionhttp://secunia.com/product/1176/Microsoft Windows XP Home Editionhttp://secunia.com/product/16/Microsoft Windows XP Professionalhttp://secunia.com/product/22/DESCRIPTION:Dejan Levaja has reported a vulnerability in Microsoft Windows,allowing malicious people to cause a DoS (Denial of Service).The vulnerability is caused due to improper handling of IP packetswith the same destination and source IP and the SYN flag set. Thiscauses a system to consume all available CPU resources for a certainperiod of time.This kind of attack was first reported in 1997 and became known asLAND attacks.Microsoft Windows XP with SP2 and Microsoft Windows 2003 have beenreported vulnerable.SOLUTION:Filter traffic with the same IP address as source and destinationaddress at the perimeter.PROVIDED AND/OR DISCOVERED BY:Dejan Levaja
I'd personally do as Joe suggests
You might be right about that, Joe.