Wikipedia:Articles for deletion/Remote LanD Attack

The following discussion is an archived debate of the proposed deletion of the article below. Please do not modify it. Subsequent comments should be made on the appropriate discussion page (such as the article's talk page or in a deletion review). No further edits should be made to this page.

The result of the debate was delete. --Angr (t·c) 19:34, 1 January 2006 (UTC)

[edit] Remote LanD Attack

Labelled CSD, but no criteria apply. This is a nonsense original research about some super-nerdy computer-attack thing. I can't understand it, but know it's not Wikipedia-worthy. Harro5 06:53, 21 December 2005 (UTC)

It IS original research, but it's not nonsense. It more or less makes sense. The author is free to move it someplace else, and then cite it from Wikipedia, but right now, the article needs to be moved or deleted. - CorbinSimpson 09:19, 21 December 2005 (UTC)

Merge and redirect to LAND, and clean that up. --Zetawoof 09:21, 21 December 2005 (UTC)

No, it is in fact complete nonsense. On the one hand, the article is incoherent -- his claim is that the attack is caused by an ICMP packet, but his examples use flags which are only applicable to TCP packets. He also claims that you can introduce crippling latency on a remote network using TCP packets sent to a LAN broadcast address. Both claims are laughable to anyone with even a passing knowledge of TCP/IP networking. On the other hand, even if you fixed the terminology issues in the article, the simple fact is that the exploit he claims, does not work. Unfortunately, the author also modified the original LanD entry to include reference to this entry.

The original LanD entry should be reverted to its state before all of this happened. —Preceding unsigned comment added by 65.75.16.223 (talk • contribs)

• Delete Yes it's comprehensible, but no it does not make much sense. per unsigned comment above, it mentions TCP flags being used on an ICMP packet. It is not original research however, as it does mention older mentions of the attack. Werdna648^T/_C\^@ 01:09, 22 December 2005 (UTC)

• Sad...

Hello, I am the original author of the Wikipedia entry. I am also the original author of the write up, Justin M. Wray, and I am the one who did all the research. I laugh at the fact that you guys claim "its not original research". Are you claiming I stole the information? I am claiming it as my own? Well the research is all original. I did do it all myself. And the tests were all conducted by me, with the help of a few others mentioned in the article.

The article is as "wikiworthy" as the original LAND post, which is also on wiki I might add. I was going to contact someone from the defacing team (or whatever the name may be). As some users from digg.com continue to deface the site. They claim they can not get the exploit to work, which I am not disputing, however I have been receiving endless emails from people claiming they got it to work. I had help testing it both from my employer and a College professor in the Networking/InfoSec field. The exploit is far from "bogus".

ICMP vs TCP. Both work, I 'was' planing to make that a bit more clear, yet every time I go to edit the wikipage, I have to fix the SPAM people are leaving. The flags are for the TCP packet but if you send enough ICMP packets it will do the same, it takes about 30 seconds longer or so, so it seems.

This is not a normal "Ping of Death"

Yes I edited the LAND entry to add a link to the new discovery. Its important, home consumers are vulnerable, and its big news in the Security field. If you take a look at the links on the current wiki page about RLA, you will see many big names are talking about it. One is Dave, from the ICANN security counsel. (ICANN is in charge of giving out IP address).

Someone said to merge with the original LAND attack. I am not adverse to that over deletion, but the attacks are only similar in nature, the original could not be done over the Internet, where the Remote LAND Attack can. To me this means they should be separated, but linked to one and other.

I thought wikipedia was an encyclopedia, for the sharing if information and knowledge. I have seen far less important articles. I am shocked to see wikipedia take such actions, this is only hindering education. I know for a fact, if the page stays, it will be used in many college classes, and even training at work. This is an important part of Internet history, even if its inter works are foreign to the average users, the end results are not.

I have more to say, but I will allow you to read and refute the above first.

BTW: Its not "super-nerdy computer-attack thing", its a network perimeter devices exploit. And the sad part is, your "router" is most likely susceptible to attack. Hope the vendors take this more serious then some of you have.

Its funny how hundreds of kids can play in a pool, but let one pee in it and all the funs over. Remember, a lot of people have recreated this attack, and only a handful are saying its bogus...

SynisterSyntax 20:44, 22 December 2005 (UTC)

• • Well the research is all original. As stated by the author therefore this shouldn't be in wikipedia. It needs to be deleted. --Pboyd04 05:46, 24 December 2005 (UTC)

• What?

Wait a moment...So because its original research, it’s not worthy of being in the encyclopedia? That makes a lot of sense. So only copied material makes it to wiki?

SynisterSyntax 15:45, 24 December 2005 (UTC)

• Read this it explains the no original research policy. --Pboyd04 15:52, 24 December 2005 (UTC)

• I see...

Qoute: "Original research refers to material added to articles by Wikipedia editors that has not been published already by a reputable source. In this context it means unpublished theories, data, statements, concepts, arguments, and ideas..."

The research is based off of previous work. However it is in fact, new, different, and original. But it is posted online elsewhere, both on my own servers, and on many other reputable sites. Take a look at the links...

68.50.61.139 19:09, 24 December 2005 (UTC)

• Sad...

Okay, ive just about had it with all of the stupid comments left by the people who have no clue what they are talking about. They may THINK they do, but they really dont. Im Matthew Wines, i helped with the testings of this exploit and i verify that it works. The very first object tested was my Westell VersaLink 327W (the one Verizon sent me with DSL). When we first tested the exploit it worked, this was to our surprise. We then tested a couple different things and couldnt re-create the exploit and were very discouraged. Then we adjusted some other settings and tried again, it worked. So we moved on to test others to see if it would only work with my VersaLink. However, it worked with Synisters Atlanta DPX2100. That is when he released the exploit information to his college professor, who allowed him to test it on a couple other things. It worked each time. We did lots of tests and would not release or makeup a stroy like this. If you notice, when i was talking about my VersaLink, we DID NOT get it to work every time for the first time. However, once we found the perfect settings, we could reacreate it just about every time. So please dont post your stupid immature spam garbage and accusations, if you would do a better part to society and play World Of Warcraft for 3 days straight then jump out of a 29 story window when someone "Ninjas" your Trinket.... Thank You to everyone who gets this exploit to work, who actually tries it, and does not display themselves as a complete and total fool.

Vendicator 21:37, 22 December 2005 (UTC)

That's nice and all, but this isn't the place for it. Once your work is proved (by publishing or some other means) then we can include. Until then we can't. BTW, wikiarticles don't write like essays for school. There is no "credit" given to authors except for citations. I vote to delete. Oberiko 19:26, 23 December 2005 (UTC)

• Read

The work has been proven. Try reading some of the links that are on the page. Read some of the blog posts, news posts, and forum posts. And if you’re waiting for Vendor's to release a statement that will come with time as well.

SynisterSyntax 15:45, 24 December 2005 (UTC)

The above discussion is preserved as an archive of the debate. Please do not modify it. Subsequent comments should be made on the appropriate discussion page (such as the article's talk page or in a deletion review). No further edits should be made to this page.