Clink

written by Atl@ntis

Clink is the worst DoS attack(The worst for your victim of corz ;-).It isn't a simple bug,it is a general problem of the TCP/IP and that's why it works on all platforms from MacOS to Solaris! Clink is used in the IRC because there isn't any particular way to protect yourself from that.Clink causes the victim to cut its connection with an IRC server,telnet,FTP...

Clink uses ICMP.ICMP packets give us inform us if a web works(has open ports,can serve us) and things like that.These info are located in the head of the ICMP packets.ICMP packets are around 20,its of them with its code number.For example we send an ICMP packet to a client saying "Port unreachable" or "Host unreachable".The client uses ports around 1024 to 65535 to connect to the servers port(1024-12345 but the most usual ports are around 6600-7777).The attacker using Clink locates the port of the client and sends him a spoofed ICMP saying"I am your server and I don't work"The client believes it because even if he realize that the ICMP doesn't come from the IRC server,he thinks that this is normal because if the server is down how can send an ICMP?(hehehe ;-)and he disconnects from the IRC server or whatever server...