Pentesting LibraryBox 2.1(denial of service (2)


jeph300

Dec 16, 2016, 2:05:21 PM
to LibraryBox
Hello again, I DoSed the LibraryBox by using Hping3 on Kali Linux. What is DoS (Denial of Service)? Simply put, it is making a resource, whether a computer or a network, unreachable/unavailable by flooding it with more requests than it can handle. Using the command: hping3 192.168.1.1 --flood. Yup, it's all it takes to make the LibraryBox unreachable until it reboots automatically. Guys, can we install an IDS/IPS like Snort to prevent this sort of attack?

Matthias Strubel

Dec 17, 2016, 2:35:48 PM
to libra...@googlegroups.com
Hello Jeph,
thanks for reporting this.
Due to very limited space and CPU resources, this is not possible.

The much easier way to break the box is to create a lot of downloads, until the IO load (including the resulting IO wait) on the USB stick results in firing the watchdog.

Even restricting the amount of access per IP via iptables won't help with a ping flood, because it is stateless. mh :-(

Matthias


jeph300

Dec 22, 2016, 1:37:48 PM
to LibraryBox
> The much easier way to break the box is to create a lot of downloads, until the IO load (including the resulting IO wait) on the USB stick results in firing the watchdog.

Do you mean that the box will be broken forever? Like the board will be fried?

Matthias Strubel

Dec 22, 2016, 2:31:01 PM
to libra...@googlegroups.com
No... it will just reboot, like in your tests


jeph300

Dec 22, 2016, 2:55:09 PM
to LibraryBox
Thanks a lot Matthias. But I'll be working on a way very soon. ;-)