Source Code To Test IPv4 fragmentation --> The Rose Attack Apr 27 2004 02:46AM
Gandalf The White (gandalf digital net)
Greetings and Salutations:

I have updated the instructions for the Rose Fragmentation Attack and
clarified the attack (per some questions that have been asked). The
instructions are now at the following URL:

Specifically I have added the links to two pieces of software that have been
written to test this attack:
Laurent Constantin was kind enough to program this attack from the below
somewhat unwieldy set of instructions. The program can be found at the
following URL:

Chuck (at) lemure.net found that he could spike the CPU of a Windows 200
machine to 100 percent with his code:

Chuck's explanation:
I have just been playing around with the timing on the second one. What I
have discovered is CPU only spikes for reassembling fragments for packets
that already exist (ie, if you run incre_frag once, then ctrl-c and start
again, the CPU and resources won't go through the moon). Compiles on

If you have any questions please feel free to ask me.


Do not meddle in the affairs of wizards for they are subtle and
quick to anger.
Ken Hollis - Gandalf The White - gandalf (at) digital (dot) net [email concealed] - O- TINLC
WWW Page - http://digital.net/~gandalf/
Trace E-Mail forgery - http://digital.net/~gandalf/spamfaq.html
Trolls crossposts - http://digital.net/~gandalf/trollfaq.html

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus