From owner-freebsd-security Mon May 24 11:34:31 1999 Delivered-To: freebsd-security@freebsd.org Received: from shell6.ba.best.com (shell6.ba.best.com [206.184.139.137]) by hub.freebsd.org (Postfix) with ESMTP id 5885815122 for ; Mon, 24 May 1999 11:34:26 -0700 (PDT) (envelope-from jkb@shell6.ba.best.com) Received: (from jkb@localhost) by shell6.ba.best.com (8.9.3/8.9.2/best.sh) id LAA03178; Mon, 24 May 1999 11:33:07 -0700 (PDT) Message-ID: <19990524113306.A29468@best.com> Date: Mon, 24 May 1999 11:33:06 -0700 From: "Jan B. Koum " To: sthaug@nethelp.no, nate@mt.sri.com Cc: security@FreeBSD.ORG Subject: Re: Denial of service attack from "imagelock.com" References: <199905241644.KAA12091@mt.sri.com> <33876.927565339@verdi.nethelp.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <33876.927565339@verdi.nethelp.no>; from sthaug@nethelp.no on Mon, May 24, 1999 at 07:02:19PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, May 24, 1999 at 07:02:19PM +0200, sthaug@nethelp.no wrote: > > -current is not used by very many folks (it certainly should not be used > > by anyone in production environments) and non-UDP traceroute is only > > used by a few OS's. > > Checking some more I see that it has actually been MFCed, so the non-UDP > version is also in 3.2-STABLE (but not in 3.2-RELEASE). > > Anybody know of other OSes that have the non-UDP version? (Excluding > Windows, of course, which has been based on ICMP all the time, AFAIK). > > Steinar Haug, Nethelp consulting, sthaug@nethelp.no > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message Actually 3.2-STABLE uses UDP version by default. Look: foo% traceroute nau traceroute to nautilus.yahoo.com (206.132.89.24), 30 hops max, 40 byte packets 1 nautilus (206.132.89.24) 0.332 ms 0.283 ms 0.234 ms nautilus% !! and not port 22 tcpdump host foo and not port 22 tcpdump: listening on fxp0 11:30:03.082728 foo.yahoo.com.34556 > nautilus.yahoo.com.33435: udp 12 [ttl 1] 11:30:03.082817 nautilus.yahoo.com > foo.yahoo.com: icmp: nautilus.yahoo.com udp port 33435 unreachable 11:30:03.085415 foo.yahoo.com.34556 > nautilus.yahoo.com.33436: udp 12 [ttl 1] 11:30:03.085488 nautilus.yahoo.com > foo.yahoo.com: icmp: nautilus.yahoo.com udp port 33436 unreachable 11:30:03.085824 foo.yahoo.com.34556 > nautilus.yahoo.com.33437: udp 12 [ttl 1] 11:30:03.085877 nautilus.yahoo.com > foo.yahoo.com: icmp: nautilus.yahoo.com udp port 33437 unreachable BTW, would be nice to put traceroute 1.4 into /usr/src/contrib .. it ihas support for icmp only traceroute (-I) which is IMHO cool. ;) -- Yan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message