Slashdot Mirror


Windows 2003 and XP SP2 Vulnerable To LAND Attack

An anonymous reader writes "Dejan Levaja, a Serbian security engineer has discovered that nearly 8 years after the attack was first made public, WIndows 2003 and Windows XP SP2 are in fact vulnerable to the historic LAND attack." Granted, you need to have the firewall turned off for this work, but there's a whole lotta machines that don't have it turned on.

23 of 534 comments (clear)

  1. Little known fact by beatdown · · Score: 5, Funny

    It is also subject to sea and air attacks.

    1. Re:Little known fact by spektr · · Score: 4, Funny

      True, the US Navy use Windows don't they?

      They had put it on an aircraft carrier and navigated it away from shore immediately, when they heard about the LAND exploit. To their delight, it stayed pretty stable in the middle of the sea.

    2. Re:Little known fact by Anonymous Coward · · Score: 5, Funny

      The Navy usually makes sure its ports are secure.

    3. Re:Little known fact by Anonymous Coward · · Score: 5, Funny

      Yes, but they call them "port holes".

    4. Re:Little known fact by darkpixel2k · · Score: 5, Funny

      Well...usually.

      There was this one time...in Hawaii...

      --
      There's no place like ::1 (I've completed my transition to IPv6)
    5. Re:Little known fact by harrkev · · Score: 5, Funny

      According to the Village People, the Navy usually has some back doors.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
  2. wow by Quasar1999 · · Score: 5, Funny

    In other news, my computer is also prone to failing if I microwave it... hit it with a hammer, or attempt to install water cooling while I'm drunk...

    --

    ---
    Programming is like sex... Make one mistake and support it the rest of your life.
    1. Re:wow by Anonymous Coward · · Score: 5, Funny

      Problem:
      The other thing Microsoft won't tell you is that if paramilitants do a home invasion, they can take your machine right out of the house and have access to all data and the entire network, for that matter.

      Solution: Install complex home alarm system, man traps, CCTV, and acquire armed guards, string up razor wire and dig tunnel system deep in the jungle.

      Ethic:
      I told microsoft that their computers were totally unprotected from physical theft by armed gangs of paramilitants and received no response. I am now sharing this with the community.

  3. Windows by Anonymous Coward · · Score: 5, Funny

    Only one remote hole in the kernel FOR eight years!

  4. Wait... by Gorffy · · Score: 5, Funny

    You mean to tell me that XP and 2k3 contain buggy legacy code? that IS news!

  5. Re:What kind of software dev process do MS use? by Anonymous Coward · · Score: 5, Funny

    Regression testing makes sure that things that used to work in the old version still works in the new version, so I'd say that windows is passing its regression tests with flying colors ;)

  6. Windows running slow? by hackwrench · · Score: 5, Funny

    It may be a little thing called a firewall. A firewall is a spyware-like little piece of software that constantly pings a special server called a firedoor so that spammers hackers, and their ilk know when your computer is available on the internet. Unfortuntely Microsoft refuses to release a patch for this thing but a piece of software called a backdoor can be used to prevent the firewall from doing its dirty work. Download one today!

  7. Guess we need Boston Church XP by kakos · · Score: 5, Funny

    01 if by LAND, 10 if by SEA

  8. Safest OS by Virtual+Karma · · Score: 5, Funny

    Windows is one of the safest OS around (and to keep it that way it is advised that the computer should not be connected to internet or any other network for that matter)

  9. Microsoft Notified by Nom+du+Keyboard · · Score: 4, Funny
    Ethic:
    Microsoft was informed 7 days ago (25.02.2005, GMT +1, local time), NO answer received, so I decided to share this info with security community.

    Of course they didn't reply. They're under LAND attack, and your message is caught in the server. You must have sent them a proof-of-concept, so what did you expect?

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  10. Oh c'mon, that isn't fair. by Billy+Bo+Bob · · Score: 4, Funny

    8 years is hardly enough to figure out how to patch windows.

    Besides, like all everyone here says, it is the users own fault for not using a firewall. Having an expectation that 8 yr old attacks should be fixed is just unreasonable.

    WTF, are you all on crack?

  11. Retro! by bigtallmofo · · Score: 5, Funny

    I remember the days of Ping of Death, Land, Teardrop, New Tear, Bork, etc.

    Now that my WinXP SP2 system is susceptible to land again, it's getting me into a nostalgic mood. I think I'll go play Ms PacMan on my MAME cabinet now.

    --
    I'm a big tall mofo.
  12. Re:News? by JustForMe · · Score: 5, Funny

    Windows Server must be running some services, I guess..

  13. Everyone has good points, and yet.... by writermike · · Score: 4, Funny

    Experts say servers are vulnerable to the infamous CAFE attack. One drop can take down an entire network!

    Granted you have to have a computer next to a cup of coffee for this to work, but MANY PEOPLE DO!!!!!!!!!!

    --
    If Nalgene water bottles are outlawed, only outlaws will have Nalgene water bottles.
  14. "LAND" war in Asia ... by YetAnotherName · · Score: 4, Funny

    Vizzini: You only think I guessed wrong - that's what's so funny. I switched glasses when your back was turned. Ha-ha, you fool. You fell victim to one of the classic blunders, the most famous of which is "Never get involved in a land war in Asia", but only slightly less well known is this: "Never go in against a Sicilian, when *death* is on the line.". Hahahahahah. [Vizzini falls over dead]

    (Yeah, off topic, I don't care.)

  15. Re:What kind of software dev process do MS use? by Phanatic1a · · Score: 5, Funny

    Or even "You're not using contractions properly, KDN"?

  16. Re:Only win ? by Anonymous Coward · · Score: 5, Funny

    OS X is invulnerable to all attacks, because it's made of magic.

  17. Re:Only win ? by AKnightCowboy · · Score: 5, Funny
    OS X is invulnerable to all attacks, because it's made of magic.

    *snort*. You owe me a new keyboard.

    /Mac user