Grabbing sockets with bind???
Ok...
I have had a problem under debian linux..and I just can't figure out WHY
I am
a while back the land attack was posted on bugtraq...and just for
Shits and giggles I decided to see if I could make a version of it
using a shell script and the netcat program.
I did and it worked fine under RedHat 5.0 ...but under debian it gives
errors
here is the meat of it it starts with
nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;}
that basically checks to make sur ethat the computer on the
reciving end is listening onthat prt and exists if it doesn't
work...that passes fine...
here is the meat of it:
nc -n -s $1 -p $2 $1 $2 -w 2
here it errors. when I send it after my own win95 machine (I said it was
only for
shits and giggles I don't see much point in crashing someone elses
system
when I can't sit here and actually SEE it crash )
anyway...today my win95 IP is 132.183.129.170 (don't even try...its
behind a
VERY restrictive firewall) I get this error:
Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP
adress
in fact I get that error anytime I try to use netcats very limited IP
spoofing capabilities
ok..yea..I know this isn't stff im supposed to be doing
but I am curious to know what is differnt about the debian
system from the RedHat system that I wrote this on?
I even tried running it as root (and with nc suid root)still no luck
I realize that this is a very good policy for normal systems but...
how do I turn it off on my singl euser system here just for some fun?
-Steve
--
-=Signature has been removed because it made an unfair comparison
between NT 4 and Linux =-
replacement: (ok I admit...I am bored..its a slow day at work)
[EMAIL PROTECTED] ~]$fortune -o
Anything more than 3 shakes is for fun.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
Shut down samba on your linux box before doing this. It is already bound to
those
ports. Also yes, you must run nc as root if you want to bind to those ports.
Stephen Carpenter wrote:
Ok...
I have had a problem under debian linux..and I just can't figure out WHY
I am
a while back the land attack was posted on bugtraq...and just for
Shits and giggles I decided to see if I could make a version of it
using a shell script and the netcat program.
I did and it worked fine under RedHat 5.0 ...but under debian it gives
errors
here is the meat of it it starts with
nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;}
that basically checks to make sur ethat the computer on the
reciving end is listening onthat prt and exists if it doesn't
work...that passes fine...
here is the meat of it:
nc -n -s $1 -p $2 $1 $2 -w 2
here it errors. when I send it after my own win95 machine (I said it was
only for
shits and giggles I don't see much point in crashing someone elses
system
when I can't sit here and actually SEE it crash )
anyway...today my win95 IP is 132.183.129.170 (don't even try...its
behind a
VERY restrictive firewall) I get this error:
Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP
adress
in fact I get that error anytime I try to use netcats very limited IP
spoofing capabilities
ok..yea..I know this isn't stff im supposed to be doing
but I am curious to know what is differnt about the debian
system from the RedHat system that I wrote this on?
I even tried running it as root (and with nc suid root)still no luck
I realize that this is a very good policy for normal systems but...
how do I turn it off on my singl euser system here just for some fun?
-Steve
--
-=Signature has been removed because it made an unfair comparison
between NT 4 and Linux =-
replacement: (ok I admit...I am bored..its a slow day at work)
[EMAIL PROTECTED] ~]$fortune -o
Anything more than 3 shakes is for fun.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
Jens B. Jorgensen
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
Jens B. Jorgensen wrote:
Shut down samba on your linux box before doing this. It is already bound to
those
ports. Also yes, you must run nc as root if you want to bind to those ports.
well...ok...I stopped samba...then I took it out of inetd.conf (commented out)
then I tried again (after restarting inetd et al)
it still gave the same error...I also get the same error if I try differnt
ports as I
remember
I tried sending the land packets to a HP printer (network printer) and got the
same
error (and im not running lpd either)
(btw when tested with the binary land..it works fine...but..HP printers do not
crash)
weird...so something else must be stopping me from binding to th port..but what?
-Steve
BTW thanx for the info..Ididn;t realize I had samba running...
on THIS machine..I don't want samba!!!
Stephen Carpenter wrote:
Ok...
I have had a problem under debian linux..and I just can't figure out WHY
I am
a while back the land attack was posted on bugtraq...and just for
Shits and giggles I decided to see if I could make a version of it
using a shell script and the netcat program.
I did and it worked fine under RedHat 5.0 ...but under debian it gives
errors
here is the meat of it it starts with
nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;}
that basically checks to make sur ethat the computer on the
reciving end is listening onthat prt and exists if it doesn't
work...that passes fine...
here is the meat of it:
nc -n -s $1 -p $2 $1 $2 -w 2
here it errors. when I send it after my own win95 machine (I said it was
only for
shits and giggles I don't see much point in crashing someone elses
system
when I can't sit here and actually SEE it crash )
anyway...today my win95 IP is 132.183.129.170 (don't even try...its
behind a
VERY restrictive firewall) I get this error:
Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP
adress
in fact I get that error anytime I try to use netcats very limited IP
spoofing capabilities
ok..yea..I know this isn't stff im supposed to be doing
but I am curious to know what is differnt about the debian
system from the RedHat system that I wrote this on?
I even tried running it as root (and with nc suid root)still no luck
I realize that this is a very good policy for normal systems but...
how do I turn it off on my singl euser system here just for some fun?
-Steve
--
-=Signature has been removed because it made an unfair comparison
between NT 4 and Linux =-
replacement: (ok I admit...I am bored..its a slow day at work)
[EMAIL PROTECTED] ~]$fortune -o
Anything more than 3 shakes is for fun.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
Jens B. Jorgensen
[EMAIL PROTECTED]
--
-=Signature has been removed because it made an unfair comparison between NT 4
and
Linux =-
replacement: (ok I admit...I am bored..its a slow day at work)
[EMAIL PROTECTED] ~]$fortune -o
Anything more than 3 shakes is for fun.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
Ok, well make sure you stopped samba *and* any running nmbd or smbd processes.
Then do a
'netstat -at' and look for bindings to the addresses. Then you should be able
to run (as
root). Note that land can probably do it because it sets the proper socket
option for
reusing ports. I wouldn't think that nc would do this, it wouldn't make sense.
Stephen Carpenter wrote:
Jens B. Jorgensen wrote:
Shut down samba on your linux box before doing this. It is already bound to
those
ports. Also yes, you must run nc as root if you want to bind to those ports.
well...ok...I stopped samba...then I took it out of inetd.conf (commented out)
then I tried again (after restarting inetd et al)
it still gave the same error...I also get the same error if I try differnt
ports as I
remember
I tried sending the land packets to a HP printer (network printer) and got
the same
error (and im not running lpd either)
(btw when tested with the binary land..it works fine...but..HP printers do
not crash)
weird...so something else must be stopping me from binding to th port..but
what?
-Steve
BTW thanx for the info..Ididn;t realize I had samba running...
on THIS machine..I don't want samba!!!
Stephen Carpenter wrote:
Ok...
I have had a problem under debian linux..and I just can't figure out WHY
I am
a while back the land attack was posted on bugtraq...and just for
Shits and giggles I decided to see if I could make a version of it
using a shell script and the netcat program.
I did and it worked fine under RedHat 5.0 ...but under debian it gives
errors
here is the meat of it it starts with
nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;}
that basically checks to make sur ethat the computer on the
reciving end is listening onthat prt and exists if it doesn't
work...that passes fine...
here is the meat of it:
nc -n -s $1 -p $2 $1 $2 -w 2
here it errors. when I send it after my own win95 machine (I said it was
only for
shits and giggles I don't see much point in crashing someone elses
system
when I can't sit here and actually SEE it crash )
anyway...today my win95 IP is 132.183.129.170 (don't even try...its
behind a
VERY restrictive firewall) I get this error:
Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP
adress
in fact I get that error anytime I try to use netcats very limited IP
spoofing capabilities
ok..yea..I know this isn't stff im supposed to be doing
but I am curious to know what is differnt about the debian
system from the RedHat system that I wrote this on?
I even tried running it as root (and with nc suid root)still no luck
I realize that this is a very good policy for normal systems but...
how do I turn it off on my singl euser system here just for some fun?
-Steve
--
-=Signature has been removed because it made an unfair comparison
between NT 4 and Linux =-
replacement: (ok I admit...I am bored..its a slow day at work)
[EMAIL PROTECTED] ~]$fortune -o
Anything more than 3 shakes is for fun.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
Jens B. Jorgensen
[EMAIL PROTECTED]
--
-=Signature has been removed because it made an unfair comparison between NT
4 and
Linux =-
replacement: (ok I admit...I am bored..its a slow day at work)
[EMAIL PROTECTED] ~]$fortune -o
Anything more than 3 shakes is for fun.
--
Jens B. Jorgensen
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
When Jens B. Jorgensen replied to Stephen Carpenter thusly, I replied:
Shut down samba on your linux box before doing this. It is already bound to
those
ports. Also yes, you must run nc as root if you want to bind to those ports.
And you might like to have a look at /etc/services and /etc/inetd.conf
before you choose port numbers for use.
Stephen Carpenter wrote:
Ok...
I have had a problem under debian linux..and I just can't figure out WHY
I am
a while back the land attack was posted on bugtraq...and just for
Shits and giggles I decided to see if I could make a version of it
using a shell script and the netcat program.
I did and it worked fine under RedHat 5.0 ...but under debian it gives
errors
here is the meat of it it starts with
nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;}
that basically checks to make sur ethat the computer on the
reciving end is listening onthat prt and exists if it doesn't
work...that passes fine...
here is the meat of it:
nc -n -s $1 -p $2 $1 $2 -w 2
here it errors. when I send it after my own win95 machine (I said it was
only for
shits and giggles I don't see much point in crashing someone elses
system
when I can't sit here and actually SEE it crash )
anyway...today my win95 IP is 132.183.129.170 (don't even try...its
behind a
VERY restrictive firewall) I get this error:
Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP
adress
in fact I get that error anytime I try to use netcats very limited IP
spoofing capabilities
ok..yea..I know this isn't stff im supposed to be doing
but I am curious to know what is differnt about the debian
system from the RedHat system that I wrote this on?
I even tried running it as root (and with nc suid root)still no luck
I realize that this is a very good policy for normal systems but...
how do I turn it off on my singl euser system here just for some fun?
-Steve
--
-=Signature has been removed because it made an unfair comparison
between NT 4 and Linux =-
replacement: (ok I admit...I am bored..its a slow day at work)
[EMAIL PROTECTED] ~]$fortune -o
Anything more than 3 shakes is for fun.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
Jens B. Jorgensen
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
-
Ralph Winslow [EMAIL PROTECTED]
The IQ of the group is that of the member
whose IQ is lowest divided by the number
of members.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
