Bugtraq mailing list archives
Re: `smurf' multi-broadcast icmp attack
From: brad.powell () WEST SUN COM (Brad Powell)
Date: Thu, 16 Oct 1997 08:58:17 -0700
---------- X-Sun-Data-Type: text X-Sun-Data-Description: text X-Sun-Data-Name: text X-Sun-Charset: us-ascii X-Sun-Content-Lines: 15 Therapy, Thanks for fix for linux! In the spirit of sharing, below is a shell script that is part of titan a tool suite that fixes many of these common problems in/for Solaris (only/mostly). ======================================================================= Brad Powell : brad.powell () Sun COM Sr. Network Security Consultant Sun Microsystems Inc. ======================================================================= The views expressed are those of the author and may not reflect the views of Sun Microsystems Inc. ======================================================================= ---------- X-Sun-Data-Type: shell-script X-Sun-Data-Description: shell-script X-Sun-Data-Name: disable-ping.echo.sh X-Sun-Charset: us-ascii X-Sun-Content-Lines: 63 #!/bin/sh # bpowell 06/21/97 script to add the ndd line to disable response to echo # modifies S69inet # # Note ### # This tool suite was written by and is copyright Brad Powell 1991, # 1992, 1993, 1994, 1995, and 1996, with help and input from Casper Dik, # Alec Muffett, Dan Farmer, and Matt Archibald. # # The copyright holder disclaims all responsibility or liability with # respect to its usage or its effect upon hardware or computer # systems, and maintains copyright as set out in the "LICENCE" # document which accompanies distribution. # # Titan version 0.1 # # setup PATH=/usr/ucb:/bin:/usr/bin:/sbin MYNAME=`basename $0` # Check for execution by root if [ `/usr/xpg4/bin/id -un` != root ] then echo " " echo >&2 "$MYNAME: error: must be run as root." echo " " exit 1 fi # Introduction # cat << EOF # # This disables ip_respond_to_echo_broadcast so that specific ping crashes # don't work # The program modifies /etc/rc2.d/S69inet # # ndd -set /dev/ip ip_respond_to_echo_broadcast 0 # EOF # echo press enter to continue"\c" # read YN if test -f /etc/rc2.d/S??inet then echo " Now adding the new ndd command" ed - /etc/rc2.d/S??inet <<- ! g/tcp_old_urp_interpretation a ndd -set /dev/ip ip_respond_to_echo_broadcast 0 . w Q ! echo " Modifcations to rc2.d complete" fi echo " Done."
Current thread:
- Re: `smurf' multi-broadcast icmp attack, (continued)
- Re: `smurf' multi-broadcast icmp attack Jon Lewis (Oct 16)
- Update - Seattle Lab Slmail v2.5 for NT vulnerable David LeBlanc (Oct 16)
- wwwcount remote exploit Nicolas Dubee (Oct 16)
- Re: wwwcount remote exploit (@ Solaris) Jan Wedekind (Oct 17)
- Security Hole in Explorer 4.0 Aleph One (Oct 17)
- computer immunology VaX#n8 (Oct 17)
- Jabadoo Security Hack Aleph One (Oct 17)
- WinNT syscalls insecurity Solar Designer (Oct 19)
- Re: WinNT syscalls insecurity Roger Espel Llima (Oct 18)
- Run, RunOnce and Uninstall Registry Keys Vulnerability Aleph One (Oct 16)
- Re: `smurf' multi-broadcast icmp attack Brad Powell (Oct 16)