Date: Wed, 27 May 1998 00:57:18 -0500 From: "J.A. Terranson" <sysadmin@mfn.org> To: "'Andrew McNaughton'" <andrew@squiz.co.nz>, "'FreeBSD Security'" <freebsd-security@FreeBSD.ORG> Subject: RE: Possible DoS opportunity via ping implementation error? Message-ID: <01BD890A.669F8310@w3svcs.mfn.org>
next in thread | raw e-mail | index | archive | help
I am running fairly plain-jane FBSD 2.2.5 from FTP.FREEBSD.ORG... CERT is *wrong* J.A. Terranson sysadmin@mfn.org -----Original Message----- From: Andrew McNaughton [SMTP:andrew@squiz.co.nz] Sent: Wednesday, May 27, 1998 12:38 AM To: J.A. Terranson; 'FreeBSD Security' Subject: Re: Possible DoS opportunity via ping implementation error? At 3:05 PM 27/5/98, J.A. Terranson wrote: >I had a very interesting day today! I found out that FBSD (2.2.5R) >machines will >always respond to a broadcasted echo request. For example: This contradicts the CERT Advisory below which states that FreeBSD does not have the problem. Either the CERT report is wrong, a problem has been introduced since, or it's specific to the way you've set up your boxes. I'd like to know which. >============================================================================= >CERT* Advisory CA-98.01.smurf >Original issue date: Jan. 05, 1998 >Last revised: -- > >Topic: "smurf" IP Denial-of-Service Attacks > <SNIP> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BD890A.669F8310>