Question: In Socket class exists method "getOOBInline" that checks if
OOBINLINE is enabled. What is "OOBINLINE" and can I do with it?
Answer: OOB stands for Out-Of-Band Data.
The TCP/IP protocol
allows users to send data asynchronously, otherwise known as OUT-OF-BAND data.
When using this feature, the operating system interrupts the receiving process
if this process has chosen to be notified about out-of-band data. The receiver
can grab this input without affecting any information currently queued on the
Therefore, you can use this without interfering with any current activity due to
other wire and remote interfaces.
implementations of TCP/IP are broken, so use of out-of-band data is limited for
safety reasons. You can only reliably send one character at a time.
What is about safety? Let's look at this scenario: While a server is working on
a task, the server is sensitive to interrupts. An interrupt will cause the
server to abort the current task and begin listening for new instructions.
Interrupts can be sent to the server by sending an interrupt ("INT") to the
process number of the server with the Unix kill command. The server socket will
also raise an interrupt if out of band (OOB) data are received. Thus, the client
can send a single arbitrary byte of OOB data to generate an interrupt. So, if
someone will send much OOB data to a server it can seriously decrease
performance of server...
On one of hackers web
sites I found "OOB Attack Program" that described like this:
"This is a good program that exploits the oob attack on port 139 of any Windows
machine running MS TCP/IP.
Allows for multiple IP addresses to be attacked.
Coded for fun by: Hiro Protagonist "
If you are developing a
server that will be exposed to Internet remember that some people "for fun" can
take it down because OOBINLINE is enabled.
Our older tips: March 22, 2001 - October 21, 2002
All published and not published on the site tips read
16 comments | | Score: 4