Re: To kill a sun:

[dleblanc () MINDSPRING COM (David LeBlanc)]

At 03:48 PM 12/13/97 -0500, Jason Zapman II wrote:
> This is sunkill.c
>
> It Affects at least solaris 2.5.1 machines, both sun4c and sun4m
> achitecutures.  I imagine it affects all solaris 2.5.1 machines, both sparc
> and x86, but im not sure.  It basically works by opening a telnet
> connection on the victim machine and sends a few bad telnet negotiation
> options, then flooods the port with lots of ^D characters.  This uses all
> the streams memory (i think) on the victims machine and causes the kernel
> to get very angry.  The machien crawls to a halt, the cursor in X stops
> moving, the machine is unresponsive to the network.  Its a bad situation
> all around.

In testing against Linux 2.0.29, it appears to cause the load average to
slowly rise.  It has been running for a couple of minutes, and the host
seems to be tolerating it OK, but it does seem a little annoyed.  Nothing
like what you report vs. Solaris.  The Linux box shows no signs of
terminating the connection, though - IMHO, that is a bad thing.

How long does it have to run vs. Solaris to cause mayhem?  Has anyone else
found any other OS's vulnerable?


David LeBlanc           |Why would you want to have your desktop user,
dleblanc () mindspring com |your mere mortals, messing around with a 32-bit
                        |minicomputer-class computing environment?
                        |Scott McNealy