• Subject: OS/400 susceptible to JOLT attack
  • From: "Neil O'Reilly" <NOReilly@xxxxxxxxxxx>
  • Date: Tue, 27 Jul 1999 17:24:18 +0100


We recently conducted some denial of service attacks on various servers in
our LAN as part of a security review. We are running OS/400 V4R2 and found
that it is susceptible to the JOLT attack which involves sending fragmented
IP packets to the host.
I am told that this attack was designed to take down Windows 95 machines but
it completely hung TCP/IP on the AS/400. Ultimately we could not actually
end TCP/IP and had to IPL. 

Has anyone come across this or similar vulnerabilities before ? Any advice
or experience would be much appreciated.

Thanks 

Neil
**********************************************************************************************
This email and any files transmitted with it are confidential and intended for 
the addressee only. If you have received this information in error, please 
notify the sender or Postmaster@lifetime.ie immediately and delete this email. 
if you  are not the
intended recipient, any distribution or copying of this email is strictly 
prohibited. Any views expressed in this email are those of the individual 
sender unless the sender specifically states otherwise.

This footnote also confirms that this email message has been swept by 
MIMEsweeper for the presence of computer viruses.
**********************************************************************************************
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact [javascript protected email address].