ISS Security Advisory
March 17, 1999

Denial of service against all computers on any operating platform

Synopsis:

The X-Force team has uncovered a potential denial of service attack that can be carried out successfully against any computing device. It is possible that an attacker, under certain circumstances, can trip or short the circuit breaker of a given power segment feeding the computing device, leaving the device in a powerless state, and therefore inoperable.

Description:

An attacker can probe an installation to find a vulnerable power main. It is very simple to open the metal door that encloses the circuit breakers. An attacker can quickly deduce which circuit is which, due to the common mistake of the electrical admins clearly labeling which breaker goes to which part of the installation. The attacker then has many options available to him:

1. (Most obvious) Can open the breaker to the computing device, leaving it powerless and inoperable.

2. Can open the breaker to the refrigerator of the installation, guaranteeing all Mountain Dew will become warm. This could lead to a panic of the computer's owner/administrator. It would also cause all chik patties to thaw.

3. Can attempt to overload the circuit by shorting the breaker. This can be achieved by placing a conductive object across the breaker. This object could be as simple as a 10bT cable or a stylus to a Palm III, to more complex items like a dead rodent (drenched in salt water to enhance conductivity), or in extreme cases, ravenous man-eating mushrooms.

4. Can open and close the breakers to the lights of the installations in a rhythmic pattern to induce hypnosis, disco-tendencies, or just plain simulate a bad trip.

Recommendations:

The X-Force recommends installing a UPS to combat the direct loss of power to a system; however, a UPS will not be adequate to protect the Mountain Dew or disco light effect (tm). Therefore, we suggest you install Master Padlock v1.3 that uses private key technology.

Copyright (c) 1999 by Internet Security Systems, Inc.

Permission is hereby granted for electronic distribution of all awesome alerts we attempt to put out. We have the ultimate skillz, and want the world to know. This has been another awesome advisory by the X-Force.

Our PGP key is available from: www.iss.net/cgi-bin/phf?x-force as well as from our ftp server ftp.iss.net, login root, password x-force