Results 1 to 5 of 5

Thread: BlackICE open connection DoS

  1. #1
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Flint, MI

    BlackICE open connection DoS

    Got this from a symantic security alert...

    BlackICE agent version 3.1ebh has been found to contain a remotely exploitable denial of service in certain configurations, which lets a remote attacker consume large amounts of memory (200 to 400 MB) on the system by simply opening many connections to the BlackICE system.

    This vulnerability has been confirmed by the vendor, who recommends users lower the maximum number of open connections by changing the 'tcp.maxconnections' parameter in the blackice.ini file.

    Source: VulnWatch http://archives.neohapsis.com/archiv...2-q2/0114.html
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  2. #2
    The Iceman Cometh
    Join Date
    Aug 2001
    Hmmm... where'd VicTT go? Last night he was asking people (in IRC) to DoS him so that he could figure out if his BlackICE firewall was doing it's job. If someone had only known about this then... someone could have taught him that those kinds of propositions can be dangerous...


  3. #3
    Join Date
    Dec 2001
    well after the first problem was found with black ice I stop using it because...If you find one vulnerability with software chances are that their will be more.I like tiny firewall alot better.

  4. #4
    Join Date
    Jun 2002
    Lol, what a guy, and had I known he was asking I would have obliged. But how can it consume 400megs? Thats insane, pretty powerful attack I guess. But is there any way to know if a person is running BlackIce? Or do you have to guess? And I thought that BlackIce supposedly didn't advertise itself as a firewall. Doesn't it call itself something else? I may be wrong, I read that on some site that was sticking up for BlackIce.

  5. #5
    Senior Member
    Join Date
    Nov 2001
    But, in theory, can't this be achieved on any system which any service, like TELNET, FTP, even HTTP?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts