On Sat, 13 Dec 1997, Jason Zapman II wrote: > This is sunkill.c > > It Affects at least solaris 2.5.1 machines, both sun4c and sun4m > achitecutures. I imagine it affects all solaris 2.5.1 machines, both sparc > and x86, but im not sure. It basically works by opening a telnet ... I just tested this on a Solaris 2.6 sun4c machine (an old SS1+ I use as a PPP server), and it seems to hang the machine for about 30-45 seconds, and then it recovers. Tried hammering it a number of times, but I couldn't reproduce a total lock-up. It looks like Solaris 2.6 isn't vulnerable to this attack from a crashing standpoint, but it's quite effective as a denial of service attack. I'll try it on some fully patched 2.4 and 2.5 machines on monday. -James ============================================================================= James D. Lockwood The Getty Information Institute System Administrator 1200 Getty Center Drive, Suite 300 jamesat_private Los Angeles, CA 90049-1680
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:35:42 PDT