Vulnerability Development mailing list archives
Re: ping flooding as normal user
From: Slawek <sgp () TELSATGP COM PL>
Date: Mon, 14 Aug 2000 20:45:34 +0200
On Mon, 14 Aug 2000, Slawek wrote:
-s parameter of ping command has no upper limit for normal users. This allows normal users to send for example 1 * 60000 bytes of ICMP data per second (from one copy of ping invoked)
Mon, August 14, 2000 8:32 PM +0200, Glen Rosenblatt wrote:
the problem is you aren't flooding, you are just sending the data, also there is no use for normal users to have access to ping , chmod 700 ping, and you are all set
Yes, right .. but my problem is not I'm used for DoSing somebody else .. my problem is I'm being DoSed .. ping need to be suid root (if it weren't chmoding to 700 would do nothing - normal user could compile his own copy) and deleteing the suid bit is enough. Some systems has ping without suid bit set, although it's not the default configuration in most Unix/Linux distros .. I really think ping should be installed without suid bit in *default* configurations. It's not .. and I'm DoSed :( Bye, Slawek
Current thread:
- ping flooding as normal user Slawek (Aug 14)
- Re: ping flooding as normal user Bluefish (Aug 14)
- Re: ping flooding as normal user Pavel Kankovsky (Aug 15)
- Re: ping flooding as normal user Daniel Petzen (Aug 15)
- Re: ping flooding as normal user Glen Rosenblatt (Aug 14)
- Re: ping flooding as normal user Slawek (Aug 14)
- Re: ping flooding as normal user Cam (Aug 15)
- Re: ping flooding as normal user Slawek (Aug 14)
- "Re: ping flooding as normal user" and strange icmp behavior with Linux 2.4 Weston Pawlowski (Aug 17)
- Re: "Re: ping flooding as normal user" and strange icmp behavior withLinux 2.4 Sebastian Pape (Aug 18)
- Re: "Re: ping flooding as normal user" and strange icmp behavior with Linux 2.4 Slawek (Aug 20)
- Re: ping flooding as normal user Bluefish (Aug 14)