Bugtraq mailing list archives
Re: udp packet storms
From: avalon () coombs anu edu au (Darren Reed)
Date: Tue, 1 Nov 1994 03:31:36 +1100 (EDT)
[...]
This is certainly a bug, and a bad one. You aren't supposed to have to hack every program that uses UDP not to reply on the broadcast address; the need for the sockopt if you want to do a broadcast is supposed to protect you. This is Very Bad News. It means that it is possible to disable remote networks by sending out chernobylgrams to them provided the router shares the defect -- and many firewall routers these days run by people who believe in packet filtering are BSD based and might have this flaw. Could people tell us which operating systems have this defect and which do not? This is an important one to catch before the evil folks get out their packet forgers. Perry
Don't be fooled by routers (cisco is a good example) which will answer broadcast ping's - udp broadcast still plough on through...and back comes the flood...(just tested this - ping 1.2.3.0 made the router reply but using Tim's program, the entire subnet it had wanted to `protect' wanted to answer). It would appear that inetd (on HP-UX at least) sets SO_BROADCAST when it sets up internal services (such as echo)... darren
Current thread:
- Re: udp packet storms, (continued)
- Re: udp packet storms Charles Howes (Oct 30)
- Re: udp packet storms Darren Reed (Oct 30)
- Re: udp packet storms Wietse Venema (Oct 30)
- Re: udp packet storms Jas (Oct 30)
- Re: udp packet storms Perry E. Metzger (Oct 30)
- Re: udp packet storms Tim Newsham (Oct 30)
- Re: udp packet storms Darren Reed (Oct 31)
- Re: udp packet storms Perry E. Metzger (Oct 31)
- Re: udp packet storms anthony baxter (Oct 31)
- Re: udp packet storms Paul 'Shag' Walmsley (Oct 31)
- Re: udp packet storms Darren Reed (Oct 31)
- CPF: 5th USENIX UNIX Security Symposium Frederick M Avolio (Oct 31)
- Re: udp packet storms Charles Howes (Oct 30)
- Re: udp packet storms (more results) Paul 'Shag' Walmsley (Oct 31)