Grabbing sockets with bind???
Ok... I have had a problem under debian linux..and I just can't figure out WHY I am a while back the land attack was posted on bugtraq...and just for Shits and giggles I decided to see if I could make a version of it using a shell script and the netcat program. I did and it worked fine under RedHat 5.0 ...but under debian it gives errors here is the meat of it it starts with nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;} that basically checks to make sur ethat the computer on the reciving end is listening onthat prt and exists if it doesn't work...that passes fine... here is the meat of it: nc -n -s $1 -p $2 $1 $2 -w 2 here it errors. when I send it after my own win95 machine (I said it was only for shits and giggles I don't see much point in crashing someone elses system when I can't sit here and actually SEE it crash ) anyway...today my win95 IP is 132.183.129.170 (don't even try...its behind a VERY restrictive firewall) I get this error: Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP adress in fact I get that error anytime I try to use netcats very limited IP spoofing capabilities ok..yea..I know this isn't stff im supposed to be doing but I am curious to know what is differnt about the debian system from the RedHat system that I wrote this on? I even tried running it as root (and with nc suid root)still no luck I realize that this is a very good policy for normal systems but... how do I turn it off on my singl euser system here just for some fun? -Steve -- -=Signature has been removed because it made an unfair comparison between NT 4 and Linux =- replacement: (ok I admit...I am bored..its a slow day at work) [EMAIL PROTECTED] ~]$fortune -o Anything more than 3 shakes is for fun. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
Shut down samba on your linux box before doing this. It is already bound to those ports. Also yes, you must run nc as root if you want to bind to those ports. Stephen Carpenter wrote: Ok... I have had a problem under debian linux..and I just can't figure out WHY I am a while back the land attack was posted on bugtraq...and just for Shits and giggles I decided to see if I could make a version of it using a shell script and the netcat program. I did and it worked fine under RedHat 5.0 ...but under debian it gives errors here is the meat of it it starts with nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;} that basically checks to make sur ethat the computer on the reciving end is listening onthat prt and exists if it doesn't work...that passes fine... here is the meat of it: nc -n -s $1 -p $2 $1 $2 -w 2 here it errors. when I send it after my own win95 machine (I said it was only for shits and giggles I don't see much point in crashing someone elses system when I can't sit here and actually SEE it crash ) anyway...today my win95 IP is 132.183.129.170 (don't even try...its behind a VERY restrictive firewall) I get this error: Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP adress in fact I get that error anytime I try to use netcats very limited IP spoofing capabilities ok..yea..I know this isn't stff im supposed to be doing but I am curious to know what is differnt about the debian system from the RedHat system that I wrote this on? I even tried running it as root (and with nc suid root)still no luck I realize that this is a very good policy for normal systems but... how do I turn it off on my singl euser system here just for some fun? -Steve -- -=Signature has been removed because it made an unfair comparison between NT 4 and Linux =- replacement: (ok I admit...I am bored..its a slow day at work) [EMAIL PROTECTED] ~]$fortune -o Anything more than 3 shakes is for fun. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Jens B. Jorgensen [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
Jens B. Jorgensen wrote: Shut down samba on your linux box before doing this. It is already bound to those ports. Also yes, you must run nc as root if you want to bind to those ports. well...ok...I stopped samba...then I took it out of inetd.conf (commented out) then I tried again (after restarting inetd et al) it still gave the same error...I also get the same error if I try differnt ports as I remember I tried sending the land packets to a HP printer (network printer) and got the same error (and im not running lpd either) (btw when tested with the binary land..it works fine...but..HP printers do not crash) weird...so something else must be stopping me from binding to th port..but what? -Steve BTW thanx for the info..Ididn;t realize I had samba running... on THIS machine..I don't want samba!!! Stephen Carpenter wrote: Ok... I have had a problem under debian linux..and I just can't figure out WHY I am a while back the land attack was posted on bugtraq...and just for Shits and giggles I decided to see if I could make a version of it using a shell script and the netcat program. I did and it worked fine under RedHat 5.0 ...but under debian it gives errors here is the meat of it it starts with nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;} that basically checks to make sur ethat the computer on the reciving end is listening onthat prt and exists if it doesn't work...that passes fine... here is the meat of it: nc -n -s $1 -p $2 $1 $2 -w 2 here it errors. when I send it after my own win95 machine (I said it was only for shits and giggles I don't see much point in crashing someone elses system when I can't sit here and actually SEE it crash ) anyway...today my win95 IP is 132.183.129.170 (don't even try...its behind a VERY restrictive firewall) I get this error: Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP adress in fact I get that error anytime I try to use netcats very limited IP spoofing capabilities ok..yea..I know this isn't stff im supposed to be doing but I am curious to know what is differnt about the debian system from the RedHat system that I wrote this on? I even tried running it as root (and with nc suid root)still no luck I realize that this is a very good policy for normal systems but... how do I turn it off on my singl euser system here just for some fun? -Steve -- -=Signature has been removed because it made an unfair comparison between NT 4 and Linux =- replacement: (ok I admit...I am bored..its a slow day at work) [EMAIL PROTECTED] ~]$fortune -o Anything more than 3 shakes is for fun. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Jens B. Jorgensen [EMAIL PROTECTED] -- -=Signature has been removed because it made an unfair comparison between NT 4 and Linux =- replacement: (ok I admit...I am bored..its a slow day at work) [EMAIL PROTECTED] ~]$fortune -o Anything more than 3 shakes is for fun. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
Ok, well make sure you stopped samba *and* any running nmbd or smbd processes. Then do a 'netstat -at' and look for bindings to the addresses. Then you should be able to run (as root). Note that land can probably do it because it sets the proper socket option for reusing ports. I wouldn't think that nc would do this, it wouldn't make sense. Stephen Carpenter wrote: Jens B. Jorgensen wrote: Shut down samba on your linux box before doing this. It is already bound to those ports. Also yes, you must run nc as root if you want to bind to those ports. well...ok...I stopped samba...then I took it out of inetd.conf (commented out) then I tried again (after restarting inetd et al) it still gave the same error...I also get the same error if I try differnt ports as I remember I tried sending the land packets to a HP printer (network printer) and got the same error (and im not running lpd either) (btw when tested with the binary land..it works fine...but..HP printers do not crash) weird...so something else must be stopping me from binding to th port..but what? -Steve BTW thanx for the info..Ididn;t realize I had samba running... on THIS machine..I don't want samba!!! Stephen Carpenter wrote: Ok... I have had a problem under debian linux..and I just can't figure out WHY I am a while back the land attack was posted on bugtraq...and just for Shits and giggles I decided to see if I could make a version of it using a shell script and the netcat program. I did and it worked fine under RedHat 5.0 ...but under debian it gives errors here is the meat of it it starts with nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;} that basically checks to make sur ethat the computer on the reciving end is listening onthat prt and exists if it doesn't work...that passes fine... here is the meat of it: nc -n -s $1 -p $2 $1 $2 -w 2 here it errors. when I send it after my own win95 machine (I said it was only for shits and giggles I don't see much point in crashing someone elses system when I can't sit here and actually SEE it crash ) anyway...today my win95 IP is 132.183.129.170 (don't even try...its behind a VERY restrictive firewall) I get this error: Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP adress in fact I get that error anytime I try to use netcats very limited IP spoofing capabilities ok..yea..I know this isn't stff im supposed to be doing but I am curious to know what is differnt about the debian system from the RedHat system that I wrote this on? I even tried running it as root (and with nc suid root)still no luck I realize that this is a very good policy for normal systems but... how do I turn it off on my singl euser system here just for some fun? -Steve -- -=Signature has been removed because it made an unfair comparison between NT 4 and Linux =- replacement: (ok I admit...I am bored..its a slow day at work) [EMAIL PROTECTED] ~]$fortune -o Anything more than 3 shakes is for fun. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Jens B. Jorgensen [EMAIL PROTECTED] -- -=Signature has been removed because it made an unfair comparison between NT 4 and Linux =- replacement: (ok I admit...I am bored..its a slow day at work) [EMAIL PROTECTED] ~]$fortune -o Anything more than 3 shakes is for fun. -- Jens B. Jorgensen [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Grabbing sockets with bind???
When Jens B. Jorgensen replied to Stephen Carpenter thusly, I replied: Shut down samba on your linux box before doing this. It is already bound to those ports. Also yes, you must run nc as root if you want to bind to those ports. And you might like to have a look at /etc/services and /etc/inetd.conf before you choose port numbers for use. Stephen Carpenter wrote: Ok... I have had a problem under debian linux..and I just can't figure out WHY I am a while back the land attack was posted on bugtraq...and just for Shits and giggles I decided to see if I could make a version of it using a shell script and the netcat program. I did and it worked fine under RedHat 5.0 ...but under debian it gives errors here is the meat of it it starts with nc -n -z -w9 $1 $2 || {echo error messga ehere ; exit0 ;} that basically checks to make sur ethat the computer on the reciving end is listening onthat prt and exists if it doesn't work...that passes fine... here is the meat of it: nc -n -s $1 -p $2 $1 $2 -w 2 here it errors. when I send it after my own win95 machine (I said it was only for shits and giggles I don't see much point in crashing someone elses system when I can't sit here and actually SEE it crash ) anyway...today my win95 IP is 132.183.129.170 (don't even try...its behind a VERY restrictive firewall) I get this error: Can't grab 132.183.129.170:139 with bind : Cannot assign requested IP adress in fact I get that error anytime I try to use netcats very limited IP spoofing capabilities ok..yea..I know this isn't stff im supposed to be doing but I am curious to know what is differnt about the debian system from the RedHat system that I wrote this on? I even tried running it as root (and with nc suid root)still no luck I realize that this is a very good policy for normal systems but... how do I turn it off on my singl euser system here just for some fun? -Steve -- -=Signature has been removed because it made an unfair comparison between NT 4 and Linux =- replacement: (ok I admit...I am bored..its a slow day at work) [EMAIL PROTECTED] ~]$fortune -o Anything more than 3 shakes is for fun. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Jens B. Jorgensen [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Ralph Winslow [EMAIL PROTECTED] The IQ of the group is that of the member whose IQ is lowest divided by the number of members. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]