WinNuke

The term refers to a WinNuke on network remote DoS attack ( denial- of-service attack) against the following Microsoft operating systems are vulnerable / were: Windows 95 (Version A ), Windows NT, and Windows 3.1x.

Sending a TCP packet with set URG flag on the TCP port # 139 (NetBIOS, as an active component of the operating system ) has a "Blue Screen" ( sg blue screen, "blue screen of death" ) caused the effect or restart of the computer. This exploit does not cause primary damage to the compromised computer, but any unsaved data will be lost with the crash of the system.

The peculiarity of WinNuke was that it was the first mass -distributed and exploit that some programs were available, which made this attack easily available. Therefore, everyone could, without a clue of the art to have (see script kiddies ), apply the DoS attack.

Historically WinNuke was one of the first exploits for mass -distributed operating systems. Microsoft was concerned after learning of the vulnerability to release patches for the affected operating systems and no longer made ​​the same mistake in the following operating systems Windows 2000 and Windows XP. However, it took a long time to the users of the affected operating system installed the patches so that they long remained vulnerable to the exploit.

Today WinNuke should no longer pose a danger because the affected Microsoft operating systems are hardly in use and will not be distributed by Microsoft still technically supported. In addition, most home users do not provide direct dial-up connection more from their PC to the Internet here, but use for example DSL router, which already represent through the use of NAT a simple firewall and discard the packets, as long as the user does not explicitly specify a port forwarding own to be system has set.

See also: Cracker ( computer ), hackers, heap overflow, shellcode

• IT security