Hackers Out for IP Blood with New Land Attack The Internet underworld last week unsheathed a new weapon capable of knocking out IP-based routers and servers, sending vendors scrambling to find ways to safeguard their gear. Land Attack, officially known as land.c program code, was posted on the Net by someone called "Meltman" and used last week in attacks on Cisco Systems, Inc. routers and Unix and Windows NT servers. Some of the targeted machines were slowed to a crawl, while others had to be rebooted. Land Attack represents a new twist on the dreaded "TCP SYN flooding" denial-of-service attack. But unlike TCP SYN flooding, Land Attack sends out just one sinister SYN packet in which the sending devices IP address has been swapped out for the IP address of the destination machine. When the destination machine tries to acknowledge receipt of the transmission, it ends up using its own address, which means it sends the message back to itself, resulting in a potentially fatal loopback condition. "If someone could find a way to use this Land Attack program to spread this across the Internet, it could cause major service disruptions," said Chris Klaus, chief technology officer at Internet Security Systems, Inc. ---------- More at: http://jya.com/land-attack.txt