Another Noob Question

Printable View

June 9th, 2002, 05:58 PM
Ferret

Another Noob Question

Ok, thanks for the info on my last question. Here's my second question. I am testing ZA pro, sygate and Nortons 2002. Im running all three right now, and yes I am aware that there can be conflicts, at this point I dont care I am just trying to get familar with each and seeing which options I like from each. the question I have is, I remember on IRC back in win 95 days. Where if you were using irc and win 95 they could nuke you to the blue screen of death. I remember having to edit win 95 so they couldnt "nuke" you off. now out of the three firewalls za pro, sygate, nortons 2002 are there scripts out there that can "nuke" your firewall off and if so can anyone link me to a page where I can edit the firewall so this isnt possible. If you cant nuke it off then nevermind and sorry for the stupid question.

Ferret

"Weke Weke"

*Who needed bail money again?
June 9th, 2002, 06:03 PM
jehnx

Umm, not sure if I understand what ya mean by "nuke it off" but there are exploits for everything, of course. If you run a script or someone else remotely runs a script that is exploiting one of your firewall programs, then it could screw 'em up and make them useless. The only thing you can really do about this is keep up to date on the latest software patches from their vendors.
June 9th, 2002, 06:07 PM
Ferret

What I meant was like the old nuke scripts the script kiddies used, back in the irc win 95 days you could nuke people on win 95 to the blue screen of death. I was just wondering if there were scripts that script kiddies used to exploit za pro sygate or nortons to easily disable it. Sorry I didnt explain it that well in my first post.
June 9th, 2002, 06:12 PM
jehnx

Well, ok, but my answer still applies. It works either way. ;)
June 9th, 2002, 06:34 PM
Ferret

Thanks, I will keep it updated I just didnt know if one or more of those three were more vulnerable to those types of script kiddies attacks or even if those attacks are even considerable.
June 9th, 2002, 06:56 PM
thesecretfire

Just a quick question: Are win nukes just a variation of ping floding, or is it some other vulnerability.
June 9th, 2002, 07:46 PM
alittlebitnumb

Here is what I found on the WinNuke exploit (From WinNuke Info):

Quote:

A nuke attack is a way to crash many Windows 3.1/95/NT systems over a TCP/IP connection. This is achieved by opening a connection on port 139, the NETBIOS port, sending a string via Out of Band (OOB) data, and then disconnecting. A problem with how Windows handles the OOB data causes Windows to go for a fatal exception handler, which usually causes a frozen connection, General Protection Fault, or system failure. If you receive an OOB data attack you may see a blue error screen and this error message, requiring a system reboot:

Fatal exception 0E at 0028:<address> in VxD MSTCP(01) + 000041AE.

This was called from 0028:<address> in VxD NDIS(01) + 00000D7C.

There are other types of crashes now, and they have become more sophisticated over the years. For more exploits and stuff, check out JP's AntiCode section; it has great stuff there :)