From owner-freebsd-security Tue May 26 23:00:03 1998
Return-Path:
Received: (from majordom@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id XAA05785
        for freebsd-security-outgoing; Tue, 26 May 1998 23:00:03 -0700 (PDT)
        (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from dc1.mfn.org (dc1.mfn.org [204.238.179.1])
        by hub.freebsd.org (8.8.8/8.8.8) with SMTP id WAA05727
        for ; Tue, 26 May 1998 22:59:36 -0700 (PDT)
        (envelope-from sysadmin@mfn.org)
Received: from w3svcs.mfn.org (unverified [204.238.179.11])
        by mail.mfn.org (EMWAC SMTPRS 0.83) with SMTP id ;
        Wed, 27 May 1998 00:59:56 -0500
Received: by w3svcs.mfn.org with Microsoft Mail
        id <01BD890A.669F8310@w3svcs.mfn.org>; Wed, 27 May 1998 00:57:20 -0500
Message-ID: <01BD890A.669F8310@w3svcs.mfn.org>
From: "J.A. Terranson"
To: "'Andrew McNaughton'" , "'FreeBSD Security'"
Subject: RE: Possible DoS opportunity via ping implementation error?
Date: Wed, 27 May 1998 00:57:18 -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

I am running fairly plain-jane FBSD 2.2.5 from FTP.FREEBSD.ORG...

CERT is *wrong*

J.A. Terranson
sysadmin@mfn.org

-----Original Message-----
From: Andrew McNaughton [SMTP:andrew@squiz.co.nz]
Sent: Wednesday, May 27, 1998 12:38 AM
To: J.A. Terranson; 'FreeBSD Security'
Subject: Re: Possible DoS opportunity via ping implementation error?

At 3:05 PM 27/5/98, J.A. Terranson wrote:
>I had a very interesting day today! I found out that FBSD (2.2.5R) machines will
>always respond to a broadcasted echo request. For example:

This contradicts the CERT Advisory below which states that FreeBSD does not
have the problem. Either the CERT report is wrong, a problem has been
introduced since, or it's specific to the way you've set up your boxes. I'd
like to know which.

>=============================================================================
>CERT* Advisory CA-98.01.smurf
>Original issue date: Jan. 05, 1998
>Last revised: --
>
>Topic: "smurf" IP Denial-of-Service Attacks
>