‘Mac Attack’ Denial of Service Information

Information

John Copeland, a professor at Georgia Tech, noticed his computer sending packets when he was not conducting any traffic. This Mac Attack effects computers running MacOS 9 with a internet or network connection. A FAQ Page has been setup to help you understand the situation.

FIX

After a lot of complaints from MacOS 9 Owners, Apple released a correct solution for the denial of service problems. Open Transport 2.6 is the fix, Only for Mac OS 9; Mac OS 8.6 for PowerMacintosh G4, iBook, and iMac (Slot-loading) computers. Apple says addresses DHCP issues in Mac OS 9.0 and prevents Macintosh computers from being used in certain types of Denial of Service (DoS) issues.

Advice For OS9 owners

If the light on your cable or ADSL modem starts blinking continually, then your OS9 Mac may be helping to attack someone. If you are attached to a local area network, you may not be able to tell.

As a general good practice, disconnect from the cable or ADSL modem when you are not using it. LAN uses are hopefully behind a good firewall and IDS.

If you have the “TCP/IP Options” control panel (from the OS9 CD-ROM in the CD Extras : Network Extras : OT Extras : TCP/IP folder), check the box by “Don’t retain DHCP lease on shutdown.” This will not stop your Mac from being used as a slave, but it may move your IP address around making it harder for an attacker to find you.

Try the “OT Tuner” from Apple. If it works, you’ll have quicker Web Browser responses. If you have a problem with making TCP/IP connections use the Extensions Manager control panel to remove it and watch for a new version from Apple.

Closing Notes

To find out more about the technical side of this problem visit John Copelands’ Mac Attack Technical Story.