Case Study


This case study shows Evil Jimmy attempting to execute a DoS attack against a Windows 2000 Server.

Jimmy, who has attempted to break into the Windows 2000 server with no success, has decided that if he cannot break in, he is going to bring the server down. He gathers a few of his favorite tools:

  • Hgod

  • Jolt2

  • SMBdie

Hgod and Jolt2 were covered previously in this chapter. SMBdie is another fantastic DoS tool that you can use on unpatched Windows 2000 systems. SMBdie causes these systems to crash within seconds of execution.

Step 1.

Evil Jimmy, who is located on the network, has decided to target the Windows 2000 server at 192.168.200.21. He first starts with Hgod, attempting to send a SYN flood against the server:

  C:\>hgod 192.168.200.21 80 -s 1.1.1.1

Step 2.

Jimmy tests the server for responsiveness and notices that it is still up and running. He decides to add a little more excitement.

Step 3.

Starting up Jolt2 against the server, Jimmy is able to send a continuous stream of UDP packets to port 135 in a continued effort to bring down the target:

  C:\>jolt2 192.168.200.21 1.1.1.1 -P udp -p 135

Step 4.

Again, Jimmy tests the server for responsiveness. It is still up and running. He does notice, however, that network activity has increased quite a bit, which in itself provides a small degree of DoS.

Step 5.

Now, hoping that the server is unpatched, Jimmy brings out SMBdie (a proof-of-concept tool) and launches it against the server. (See Figure 15-15 for details.)

Figure 15-15. SMBdie DoS Tool


Step 6.

Now for one last time, Jimmy checks for server responsiveness. He gets nothing back in return. The DoS has been a success. Figure 15-16 displays the current screen on the Windows 2000 Server that Jimmy was attacking.

Figure 15-16. Windows 2000 Blue Screen of Death


As you can see, Jimmy attempted several tools before achieving a DoS on the target. Although he could have waited for some time, and Jolt2 or Hgod might eventually have tied up the server to a point where it crashed, other tools like SMBdie can bring down unpatched systems in seconds. For this reason, it is imperative that you remain up to date with service packs and fixes. Jimmy will always follow the path of least resistance to achieve his goal.
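Steps 1 and 3 leave a recognizable pattern on the wire: a burst of SYNs to port 80 that are never followed by an ACK, and a sustained stream of UDP datagrams to port 135. The following detection sketch is an added example, not code from the book; the packet record format, the thresholds, and the sample traffic are assumptions constructed for illustration.

```python
from collections import Counter

SYN_LIMIT = 100   # assumed: unanswered SYNs per second per service
UDP_LIMIT = 200   # assumed: UDP datagrams per second per service

def detect_floods(packets, syn_limit=SYN_LIMIT, udp_limit=UDP_LIMIT):
    """Return sorted alerts (second, dst, dport, kind, count).

    packets: (ts, src, sport, dst, dport, proto, flags) tuples, a
    hypothetical record format such as a capture export might give.
    """
    packets = list(packets)
    # Connections whose client completed the handshake with a bare ACK.
    completed = {(src, sport, dst, dport)
                 for _, src, sport, dst, dport, proto, flags in packets
                 if proto == "tcp" and flags == "A"}
    half_open, udp = Counter(), Counter()
    for ts, src, sport, dst, dport, proto, flags in packets:
        # Key on the destination: source addresses in a flood cannot be trusted.
        key = (int(ts), dst, dport)
        if proto == "tcp" and flags == "S" and (src, sport, dst, dport) not in completed:
            half_open[key] += 1
        elif proto == "udp":
            udp[key] += 1
    alerts = [k + ("syn-flood", n) for k, n in half_open.items() if n > syn_limit]
    alerts += [k + ("udp-flood", n) for k, n in udp.items() if n > udp_limit]
    return sorted(alerts)

def sample_capture():
    """Constructed traffic shaped like steps 1 and 3 of the case study."""
    target = "192.168.200.21"
    pkts = []
    for i in range(300):   # SYNs to port 80 that are never followed by an ACK
        pkts.append((10 + i / 1000, "1.1.1.1", 1024 + i, target, 80, "tcp", "S"))
    for i in range(20):    # ordinary clients: SYN, then ACK
        pkts.append((10.5, "192.168.200.50", 40000 + i, target, 80, "tcp", "S"))
        pkts.append((10.6, "192.168.200.50", 40000 + i, target, 80, "tcp", "A"))
    for i in range(500):   # sustained UDP to port 135
        pkts.append((20 + i / 1000, "1.1.1.1", 2000, target, 135, "udp", ""))
    for i in range(5):     # background DNS, well under the limit
        pkts.append((20.1, "192.168.200.50", 5353 + i, target, 53, "udp", ""))
    return pkts

if __name__ == "__main__":
    for alert in detect_floods(sample_capture()):
        print(alert)
```

The SMBdie crash in step 5 needs no traffic volume at all, so rate-based detection like this does not replace the patching the case study calls for.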



    Penetration Testing and Network Defense
    ISBN: 1587052083
    EAN: 2147483647
    Year: 2005
    Pages: 209
