Date: Wed, 27 May 1998 08:24:56 -0700 From: David Greenman <dg@root.com> To: sthaug@nethelp.no Cc: bag@sinbin.demos.su, andrew@squiz.co.nz, sysadmin@mfn.org, freebsd-security@FreeBSD.ORG Subject: Re: Possible DoS opportunity via ping implementation error? Message-ID: <199805271524.IAA07609@implode.root.com> In-Reply-To: Your message of "Wed, 27 May 1998 12:39:30 %2B0200." <9793.896265570@verdi.nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
>off (no multicast/broadcast echo). The following patch is against >2.2-980506-SNAP (ip_icmp.c,v 1.22.2.2), but should work equally well >against FreeBSD-current. > >Late breaking news: I just checked -current on ftp.cdrom.com, and it >now has the IN_MULTICAST test removed. Still initializes icmpbmcastecho >to 1, though. I think it *should* default to 0 (off). I noticed the bug last week when cdrom.com was the target of a smurf attack. It took a few days to get Garrett's opinion on how to fix it, and I committed the fix yesterday. -DG David Greenman Co-founder/Principal Architect, The FreeBSD Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805271524.IAA07609>