Denial of Service Attacks (2)

• Land Attack

  • November 1997
  • affects many Unix,Windows NT/95, routers and switches
  • uses poorly implemented TCP/IP stack
  • send a TCP SYNC packet
    • destination IP address= source IP address= victim’s IP address
    • source port = destination port = available port on victim’s machine
  • result: machine crashes

• Land Attack defense

  • vendor patches
  • anti-spoof filters

Previous slide

Next slide

Back to first slide

View graphic version