[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hack Microsoft

To: "Perry E. Metzger" <[email protected]>
Subject: Re: Hack Microsoft
From: Simon Spero <[email protected]>
Date: Fri, 29 Sep 1995 10:11:27 -0700 (PDT)
Cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

On Thu, 28 Sep 1995, Perry E. Metzger wrote:

> Thats almost an invitation to hack Microsoft's web products, isn't it?

Not a real attack- cos it's just a Denial Of Service, but it is kind of 
amusing... 

Windows NT has an interesting property in its handling of TCP connection 
establishment. NT has a small limit on the maximum size of its listen 
queue - it also handle queue overflow in a different way to BSD derived 
stacks. Instead of just dropping the connection request, and allowing the 
client TCP to retry automatically, NT sends a RST packet that aborts the 
connection. 

Ok, you can shutdown just about anything on the Net right now, and there 
won't be a real defence possible until IPSEC starts getting installed, 
but microsoft makes it much too easy. 

Simon

References:
- Hack Microsoft
  - From: "Perry E. Metzger" <[email protected]>

Prev by Date: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
Next by Date: Re: Cryptanalysis of RC4 - Preliminary Results (Repeat)
Prev by thread: Re: Hack Microsoft
Next by thread: Re: STT_???
Index(es):
- Date
- Thread