Steve wrote:
> I'm not sure of the complete capability of the haXor
>dOOdz. I suspect there are exploits into DOS machines,
>but even if they couldn't gain access to the contents
>of your hard drive, they certainly can run packet
>sniffers to monitor everything that leaves or enters
>your machine.
This is the only way I can think of:
Use a buffer overrun trick (I have not verified neither the Arachne source,
WatTCP or any packetdriver for this but I assume somewhere one must exist).
This is a simple way to put your own instructions where the program runs,
often to start some sort of service for increased ability to use the
computer. However there are a number of drawbacks for doing this on a DOS
system, these are (not in order):
1. The user would probably notice (although by then it might be to late)
2. The buffer overrun must be very large since there's no TCP/IP sockets
built into the system (you actually need to send WatTCP). There's a small
chance you can overrun the program however and saving WatTcp.
3. Overflowing the packetdriver would be very hard since you would then
need to know exactly the type of "card" the person has. Although on a LAN
you can get this information (sort of anyway) through the MAC address. But
the settings would still be the problem, it's still doable just very hard.
Most likely the only thing you need to worry about is a DoS attack.
//Bernie
