From owner-freebsd-net@FreeBSD.ORG Mon May 2 16:43:51 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0F80816A4CE for ; Mon, 2 May 2005 16:43:51 +0000 (GMT) Received: from mxsf28.cluster1.charter.net (mxsf28.cluster1.charter.net [209.225.28.228]) by mx1.FreeBSD.org (Postfix) with ESMTP id 99D1C43D41 for ; Mon, 2 May 2005 16:43:50 +0000 (GMT) (envelope-from c0ldbyte@myrealbox.com) Received: from mxip02.cluster1.charter.net (mxip02a.cluster1.charter.net [209.225.28.132])j42Ghng7009538 for ; Mon, 2 May 2005 12:43:49 -0400 Received: from 24-247-253-134.dhcp.aldl.mi.charter.com (HELO eleanor.us1.wmi.uvac.net) (24.247.253.134) by mxip02.cluster1.charter.net with ESMTP; 02 May 2005 12:43:49 -0400 X-Ironport-AV: i="3.92,145,1112587200"; d="scan'208"; a="890116128:sNHT13858248" Date: Mon, 2 May 2005 16:43:41 +0000 (UTC) From: c0ldbyte To: gandalf@digital.net In-Reply-To: <32528526.1115049523374.JavaMail.root@wamui08.slb.atl.earthlink.net> Message-ID: <20050502163519.V69368@eleanor.us1.wmi.uvac.net> References: <32528526.1115049523374.JavaMail.root@wamui08.slb.atl.earthlink.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed cc: freebsd-net@freebsd.org Subject: Re: FreeBSD and the Rose Attack / NewDawn X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 May 2005 16:43:51 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 2 May 2005 gandalf@digital.net wrote: > Greetings and Salutations: > > I *just* got my FreeBSD setup stable and working witha KDE GUI. :-). I know, easy for you guys but this is the first time I have set up FreeBSD with automatic updates. I settled on FreeBSD 5.4 after many tries. > > I tried the Rose Attack / NewDawn against my laptop (it is a slow Pentium II 400 MHz Dell Inspiron 7000): > http://digital.net/~gandalf/Rose_Frag_Attack_Explained.htm > > Specifically: > ../NewDawn4 1 0 5 9999 99999999 4000 2 > > My machine locked up at pretty close to 100% when viewing the top command. > > I asked a fellow worker who had a PIII 733 MHz to take a look and he reported about 70% CPU increase. > > FYI. You might wish to take a look into this, IMHO this is a decent CPU DOS. > > Ken > Works nicely if you have access to root on a local machine for lan use and the machines have been compiled with bpf support. Other then that my testing on these cases over the net "internet" have not yielded any proposed results to effect FreeBSD machines. Tried on 4.x & 5.x. Any other proof that this yields anything that we need to worry about?. - -- ( When in doubt, use brute force. -- Ken Thompson 1998 ) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF7DF979F Comment: Fingerprint = D1DC 0AA4 1C4E EAD4 24EB 7E77 B261 50BA F7DF 979F iD8DBQFCdljAsmFQuvffl58RAheSAJ4ulWNwBZaskZflofKJ1JXeKlgf5ACfbjh0 p3GHiuf/qf2KQq/oWDkFwjI= =fT62 -----END PGP SIGNATURE-----