Bugtraq mailing list archives
Re: pingflood.c
From: solar () FALSE COM (Solar Designer)
Date: Mon, 18 May 1998 14:36:06 +0400
Hello,
Pingflood simply sends a lot of SIGALRM signals to the ping process. It can do this because the ping process is owned by the user.
Here's a fix I just did, for ping from Linux's NetKit 0.09 -- nothing complicated, I'm posting it just to save some BugTraq readers a minute. Note: I'm doing it this weird way since just doing a setuid() would also make it impossible for users to kill their ping processes (with SIGTERM). --- ping.c.orig Sun Dec 29 19:13:01 1996 +++ ping.c Mon May 18 14:09:03 1998 @@ -64,6 +64,7 @@ #include <sys/socket.h> #include <sys/file.h> #include <sys/time.h> +#include <sys/times.h> #include <sys/signal.h> #include <netinet/in.h> @@ -270,6 +271,11 @@ options |= F_SO_DONTROUTE; break; case 's': /* size of packet to send */ + if (!am_i_root) { + (void)fprintf(stderr, + "ping: %s\n", strerror(EPERM)); + exit(2); + } datalen = atoi(optarg); if (datalen > MAXPACKET) { (void)fprintf(stderr, @@ -488,12 +494,22 @@ * quality of the delay and loss statistics. */ static void -catcher(int ignore) +catcher(int signum) { + struct tms buf; + clock_t current; + static clock_t last = 0; int waittime; - (void)ignore; - pinger(); + if (signum) { + current = times(&buf); + if (current - last >= CLK_TCK - 1 || current < last) { + last = current; + pinger(); + } + } else + pinger(); + (void)signal(SIGALRM, catcher); if (!npackets || ntransmitted < npackets) alarm((u_int)interval); Signed, Solar Designer
Current thread:
- Re: Bay Networks Security Hole Berislav Todorovic (May 11)
- <Possible follow-ups>
- Re: Bay Networks Security Hole Kirby Dolak (May 14)
- Re: Bay Networks Security Hole Gert Doering (May 14)
- security holes, notification protocols, and a clarification Michael Tiemann (May 14)
- pingflood.c AntireZ (Apr 09)
- Re: pingflood.c Solar Designer (May 18)
- Toshiba notebooks BIOS password backdoor Rop Gonggrijp (May 15)
- Re: Toshiba notebooks BIOS password backdoor Aleph One (May 15)
- May SysAdmin man.sh security hole Aleph One (May 16)
- kde exploit Catalin Mitrofan (May 16)
- Re: kde exploit Aleph One (May 16)
- Re: security holes, notification protocols, and a clarification Elmer Joandi (May 15)
- Re: security holes, notification protocols, and a clarification Nathan Neulinger (May 15)