• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Resources
  • SMB Spotlight
  • Newsletters
  • Sign in
  • Events
    • Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Resources
    • V3resources 120x194
      Network Security Forensics For GDPR Compliance

      An effective network security forensics strategy can assist an organization in providing key compliance-related details as part of any post-incident GDPR investigation.

      Download
      V3resources 120x194
      10 ways to increase productivity with managed Office 365

      For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

      Download
      Find resources
      Search by title or subject area
      View all resources
  • SMB Spotlight
  • Sign in
  •  
    •  

      You are currently accessing V3 .co.uk via your Enterprise account.

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      • Sign in
     
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    You are currently accessing V3 .co.uk via your Enterprise account.

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    • Sign in
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Security

DoS attack storms port 445

Windows 2000 desktop and server versions affected

  • James Middleton
  • 18 April 2002
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
0 Comments

Security experts have warned that default registry settings on Windows 2000 boxes could allow a malicious user to cause a denial of service (DoS) attack through port 445.

Research from analyst KPMG Denmark found that default registry settings in the Windows 2000 Lanman network management service could allow a user with access to TCP port 445, also known as the Microsoft-ds port, to effect a DoS attack.

Both desktop and server versions of Windows 2000 are vulnerable.

"Sending malformed packets to the Microsoft-ds port [TCP 445] can result in kernel resources being allocated by the Lanman service," said KPMG. "The consequences of such an attack could vary from the Windows 2000 host completely ignoring the attack, to a blue screen."

The attack is also very simple to carry out. "An attack could be something as simple as sending a continuous stream of 10K null chars to TCP port 445," the analyst said.

The management service in Windows 2000 would keep allocating kernel memory until all processing power was used up.

"It would frequently be possible to cause the system service to enter a state where it constantly used 100 per cent CPU usage," said KPMG. "A PC was left in this state over the weekend to see if it would recover on its own. It did not."

Microsoft has been alerted and released a paper earlier this week describing the problem and possible solutions. This can be read here.

  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
  • Topics
  • Security

V3 Latest

German flying taxi firm headhunts Mini designer Frank Stephenson
German flying taxi firm headhunts designer of modern Mini and Fiat 500

Stephenson will design the inside and outside of the futuristic Lillium jet.

  • Strategy
  • 24 April 2018
Facebook publishes new content guidelines
Facebook publishes new content guidelines

The new policy is aimed at making the social network is a safer place

  • Social Networking
  • 24 April 2018
Amazon working on robot for early 2019, claims Bloomberg report
Amazon working on robot for early 2019, claims Bloomberg report

Amazon robot would probably be little more than an Amazon Echo on wheels

  • Hardware
  • 24 April 2018
Citrix launches lawsuit against Workspot over claims of patent infringement
Citrix launches lawsuit against Workspot over claims of patent infringement

Citrix claims Workspot has 'continued to mislead the market' and use Citrix-patented features

  • Cloud Computing
  • 23 April 2018
Back to Top

Most read

Citrix launches lawsuit against Workspot over claims of patent infringement
Citrix launches lawsuit against Workspot over claims of patent infringement
 china-map-flag.jpg
China's Great Firewall: How it works and what it reveals about China's plans
TSB online banking issues lead to customer data leaks
TSB online banking issues lead to customer data leaks
Russia blocks Google IP addresses days after Telegram ban
Russia blocks Google IP addresses days after Telegram ban
Researchers use graphene to propel ultra-fast light communication technology
Researchers use graphene to propel ultra-fast light communication technology
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017