Vulnerability Development mailing list archives

Re: ping flooding as normal user


From: Slawek <sgp () TELSATGP COM PL>
Date: Mon, 14 Aug 2000 20:45:34 +0200

On Mon, 14 Aug 2000, Slawek wrote:
-s parameter of ping command has no upper limit for normal users.
This allows normal users to send for example 1 * 60000 bytes of ICMP data
per second (from one copy of ping invoked)

Mon, August 14, 2000 8:32 PM +0200, Glen Rosenblatt wrote:
the problem is you aren't flooding, you are just sending the data, also
there is no use for normal users to have access to ping, chmod 700 ping,
and you are all set


Yes, right .. but my problem is not I'm used for DoSing somebody else .. my
problem is I'm being DoSed ..


ping needs to be suid root (if it weren't, chmodding to 700 would do nothing -
normal user could compile his own copy) and deleting the suid bit is
enough. Some systems have ping without suid bit set, although it's not the
default configuration in most Unix/Linux distros ..


I really think ping should be installed without suid bit in *default*
configurations.

It's not .. and I'm DoSed :(


Bye,
Slawek
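
An added example, not part of the original post: a shell check that tells apart the two changes discussed in this message, mode 700 versus clearing only the setuid bit. The function names `perm_state` and `drop_suid` are hypothetical, and the path to the ping binary is supplied by the caller as an argument.

```shell
#!/bin/sh
# Added example (not from the original post). Paths are passed as arguments;
# nothing is assumed about where ping lives on a given system.

# Print the permission state of a file:
#   missing     - not a regular file
#   suid-open   - setuid bit set and executable by group or other
#   suid-owner  - setuid bit set, but only the owner may execute
#   owner-only  - no setuid bit, only the owner may execute (e.g. mode 700)
#   no-suid     - no setuid bit, executable by group or other (e.g. mode 755)
perm_state() {
    f=$1
    [ -f "$f" ] || { echo missing; return 0; }
    # Group-execute and other-execute are tested separately and OR-ed.
    if [ -n "$(find "$f" -prune \( -perm -0010 -o -perm -0001 \))" ]; then
        shared=yes
    else
        shared=no
    fi
    if [ -u "$f" ]; then
        [ "$shared" = yes ] && echo suid-open || echo suid-owner
    else
        [ "$shared" = yes ] && echo no-suid || echo owner-only
    fi
    return 0
}

# Clear only the setuid bit, leaving the rest of the mode untouched,
# then print the resulting state.
drop_suid() {
    [ -f "$1" ] && [ -u "$1" ] && chmod u-s "$1"
    perm_state "$1"
}

# Report on every path given on the command line.
for p in "$@"; do
    printf '%s: %s\n' "$p" "$(perm_state "$p")"
done
```

Run it with the path of the installed ping binary as the argument; `suid-open` is the default state the message describes.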