Date:      Wed, 27 May 1998 16:58:31 -0700
From:      David Greenman <dg@root.com>
To:        andrew@squiz.co.nz (Andrew McNaughton)
Cc:        "J.A. Terranson" <sysadmin@mfn.org>, "'FreeBSD Security'" <freebsd-security@FreeBSD.ORG>
Subject:   Re: Possible DoS opportunity via ping implementation error? 
Message-ID:  <199805272358.QAA10311@implode.root.com>
In-Reply-To: Your message of "Wed, 27 May 1998 17:37:46 +1200." <v02120d01b191523ade7a@[192.168.1.2]>

>At 3:05 PM 27/5/98, J.A. Terranson wrote:
>>I had a very interesting day today!  I found out that FBSD (2.2.5R)
>>machines will always respond to a broadcasted echo request.  For example:
>
>This contradicts the CERT Advisory below which states that FreeBSD does not
>have the problem.
>
>Either the CERT report is wrong, a problem has been introduced since, or
>it's specific to the way you've set up your boxes.
>
>I'd like to know which.
...
>>FreeBSD, Inc.
>>=============
>>In FreeBSD 2.2.5 and up, the tcp/ip stack does not respond to icmp
>>echo requests destined to broadcast and multicast addresses by default. This
>>behaviour can be changed via the sysctl command via
>>mib net.inet.icmp.bmcastecho.

   The CERT advisory is wrong. FreeBSD has always responded to broadcast ICMP 
echo requests by default. Further, the option mentioned to disable them was
broken in 2.2.x and -current until just yesterday.

-DG

David Greenman
Co-founder/Principal Architect, The FreeBSD Project
