From owner-freebsd-security  Wed May 27 08:25:43 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA19484
          for freebsd-security-outgoing; Wed, 27 May 1998 08:25:43 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from implode.root.com (implode.root.com [198.145.90.17])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA19437
          for <freebsd-security@FreeBSD.ORG>; Wed, 27 May 1998 08:25:32 -0700 (PDT)
          (envelope-from root@implode.root.com)
Received: from implode.root.com (localhost [127.0.0.1])
	by implode.root.com (8.8.5/8.8.5) with ESMTP id IAA07609;
	Wed, 27 May 1998 08:24:56 -0700 (PDT)
Message-Id: <199805271524.IAA07609@implode.root.com>
To: sthaug@nethelp.no
cc: bag@sinbin.demos.su, andrew@squiz.co.nz, sysadmin@mfn.org,
        freebsd-security@FreeBSD.ORG
Subject: Re: Possible DoS opportunity via ping implementation error? 
In-reply-to: Your message of "Wed, 27 May 1998 12:39:30 +0200."
             <9793.896265570@verdi.nethelp.no> 
From: David Greenman <dg@root.com>
Reply-To: dg@root.com
Date: Wed, 27 May 1998 08:24:56 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

>off (no multicast/broadcast echo). The following patch is against
>2.2-980506-SNAP (ip_icmp.c,v 1.22.2.2), but should work equally well
>against FreeBSD-current.
>
>Late breaking news: I just checked -current on ftp.cdrom.com, and it
>now has the IN_MULTICAST test removed. Still initializes icmpbmcastecho
>to 1, though. I think it *should* default to 0 (off).

   I noticed the bug last week when cdrom.com was the target of a smurf
attack. It took a few days to get Garrett's opinion on how to fix it, and
I committed the fix yesterday.

-DG

David Greenman
Co-founder/Principal Architect, The FreeBSD Project

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message