Date:      Mon, 26 Feb 1996 16:30:42 -0500
From:      "Garrett A. Wollman" <wollman@lcs.mit.edu>
To:        Nathan Lawson <nlawson@kdat.csc.calpoly.edu>
Cc:        security@freebsd.org
Subject:   Re: Alert: UDP Port Denial-of-Service Attack (fwd)
Message-ID:  <9602262130.AA24901@halloran-eldar.lcs.mit.edu>
In-Reply-To: <199602262110.NAA13050@kdat.calpoly.edu>
References:  <9602251821.AA15742@halloran-eldar.lcs.mit.edu> <199602262110.NAA13050@kdat.calpoly.edu>


<<On Mon, 26 Feb 1996 13:10:47 -0800 (PST), Nathan Lawson <nlawson@kdat.calpoly.edu> said:

> Another attack that would possibly work is that you could send a packet to
> the daytime port from the broadcast address.  I believe that most modern
> systems (including FreeBSD) will need the socket to have SO_BROADCAST set
> so this most likely won't succeed.

Actually, substitute `all-hosts multicast' for `broadcast' and `to and
from' for `from', and you've got the original scenario which caused me
to shudder for a minute and then write this code.  Can you say
`broadcast storm'?  I knew you could... :-(

> Be kind to your neighbors.  Block outgoing spoofed source addresses as well
> as incoming.

That doesn't help us, where most of the trouble comes from cracked
machines on our own networks...

-GAWollman

--
Garrett A. Wollman   | Shashish is simple, it's discreet, it's brief. ... 
wollman@lcs.mit.edu  | Shashish is the bonding of hearts in spite of distance.
Opinions not those of| It is a bond more powerful than absence.  We like people
MIT, LCS, ANA, or NSA| who like Shashish.  - Claude McKenzie + Florent Vollant


