Chapter 475: Play with a Flower
Blues Information Countermeasures Centre.
Ding Huahui and Li Yushan were very surprised by the IP datagram they saw.
They hadn't expected such a simple datagram to crash OpenBSD outright, forcing a restart, and it worked every single time.
Knowing its basic principles, Ding Huahui quickly thought of a coping strategy.
He set up a filter rule to drop packets whose source address was the server's own IP, which easily plugged the hole.
Then he got the server back online. After all, the server couldn't stay disconnected from the network for too long, or they would lose points.
"It seems that this attack method is newly discovered by the other party." Li Yushan looked at the packet for a long time before saying.
Ding Huahui nodded: "Yes, I haven't heard of this loophole before."
In the TCP/IP protocol, the three-way handshake seems very user-friendly and in line with the principle of human communication. But in fact, this principle is the most exploited vulnerability in attacks against TCP/IP protocols.
The most common is the denial-of-service (DoS) attack, which constructs random illegitimate connections to consume server resources. The upgraded version of DoS is DDoS, the distributed denial-of-service attack, which uses multiple computers to attack a target server.
In addition to this, there is a "desperate attack", the ping of death. According to the TCP/IP specification, the maximum length of a packet is 65536 bytes. Although a single packet cannot exceed 65536 bytes, the fragments into which a packet is divided can add up to more than that when they are reassembled. When a host receives a packet longer than 65536 bytes, it falls victim to a ping-of-death attack, which can also bring the host down.
Lin Hong's attack likewise constructed an invalid packet that made the host crash.
Everyone is using their brains in this place, and all kinds of strange loopholes have been dug up.
Programmers don't take these strange situations into account when they write their programs, and all sorts of weird vulnerabilities appear.
Although the vulnerability discovered by Lin Hong is very simple in principle, it had never been disclosed before, and in this respect it is his own original discovery. And, judging from this action, the consequences of this vulnerability are very serious: it can directly cause some UNIX-like systems to crash and restart.
"It seems that the other party is really a master!" Li Yushan said. "Now that this kind of attack has appeared, we have to stay sharp. The other party will definitely have follow-up attack methods!"
"What is his purpose in sending such a packet? Is it just to make our servers reboot?" Ding Huahui raised the doubts in his heart.
As soon as his words fell, he suddenly found that the OpenBSD machine in front of him seemed to be in trouble again.
The system became extremely slow; each typed character appeared with a delay of one to two seconds.
Ding Huahui's face changed and he said, "Here we go again!"
"Didn't you just filter the IP of your machine?" Li Yushan was a little puzzled.
Ding Huahui was slightly stunned: "Yes, I filtered!"
After saying this, both of them knew what it meant: the current attack must be using another method!
Although the system has become slow, it is still operable.
Ding Huahui immediately typed in a line of commands, once again restricting the external network connection of the machine.
At this point, the system is running smoothly.
Ding Huahui immediately checked the system log and checked the network connection record just now.
After he saw the record, he couldn't help but wonder: "It's strange, the attacking IPs are all from the machines of our subordinate units."
Hearing his words, Li Yushan couldn't help but check the record carefully.
Indeed, the connection logs are densely packed with connection records, all of which are Class C IP addresses, and at a glance you can see that they are from the IP segment of their subordinate units.
"Could it be that they have already broken through the client of a subordinate unit?" Ding Huahui wondered.
"Impossible, how could it be possible for so many machines to be breached in such a short time? There was no sign of it before." Li Yushan first denied this statement.
He immediately asked someone to call and ask the network administrator of his subordinate unit.
Soon, the results were reported back that they didn't find anything out of the ordinary.
"Could it be that they are disguised as these packets?"
Based on this idea, Li Yushan asked the network administrator of the subordinate unit to send a log over, and then analyzed it himself.
In the end, it turned out that they had received a large number of requests from the server during that period.
Li Yushan showed a wry smile on his face: "So that's the case!"
Ding Huahui immediately understood when he saw this log.
Their servers certainly hadn't sent connection requests to those clients, and it was clear that these packets were sent from the side of the Red Army. It's just that when they sent them, they disguised the source address as the server's IP address, so that when a client replied, it replied directly to the server.
In other words, these clients have been used as guns! And at the same time they are used as amplifiers, amplifying the attack.
"Another new way to attack!" Ding Huahui muttered.
He had never encountered this method before.
It doesn't have to be created by the other party, but at least it's completely new to them.
Moreover, this attack is another exploit of the loophole in the three-way handshake principle.
Li Yushan and Ding Huahui both knew that the three-way handshake was not very reliable and could easily be attacked with a data storm, but they never thought that this one point would be played with so much by the other party.
They did not even know whether the other party had other methods that had not yet been used.
The two of them glanced at each other, and there was a helpless look in their eyes.
At the same time, Lin Hong was sitting in front of Liu Hui's machine, using Liu Hui's original software to send his modified data packets to the outside world, while explaining the principle of the attack he was using now.
After hearing his words, everyone couldn't help but be dumbfounded.
They never imagined that just by doing so, they would be able to achieve an attack similar to DDoS. In other words, Lin Hong did not hack the opponent's machines at all, but successfully used them as attack tools, just like zombie machines.
"This idea is so godly!" Liu Hui couldn't help but praise. "Why didn't I think of it before!"
Speaking of which, the principle is not complicated, but no one has ever thought of it before.
Many things are like this: there may be only a millimeter of difference between methods, but the effect is very different. If no one else says it, you will never think of it, because you have been immersed in a fixed mindset.
At this moment, Lin Hong has completely won everyone's admiration and respect. (To be continued.)