Mike Ireton wrote: > > i found that when u do a ping -s 65468 -R ANYIPADDRESS ( -R record > > route) the system starts to print on the screen kernel dumps > > , freezes complitely and after few secconds the system reboots. This can be 'fixed' (okay kludged around) by altering the #define MAXPACKET (65536 - 60 - 8)/* max packet size */ line in ping.c I've reduced it to 32K (32768) on my Linux 2.0.36 box, since that should avoid all possible problems (air on the side of caution and all that). I don't see users having any reason to need such large ping packets anyway (other than for the purpose of local or remote exploits). For those using RedHat 5.2 I've made an SRPM and .i368 RPM containing my new ping and they are avaiable via annon. ftp at ftp://ox.compsoc.net/users/swhite/ping/ You'll need to install with --force since the package reports the same version as the normal redhat5.2 one so RPM thinks it's already installed. It has also been suggested that ping could be patched to make '-s' only available to root (like '-l' is), as an alternative solution. I haven't tried this but it should be a fairly simple modification. Neither of these address the real problem in the kernel, but they do mean that sysadmins can go on allowing users to run ping without the worry of quite such a trivial DoS. The same problem does not appear to occur in Linux 2.2, Windows 95 or Solaris 2.7. -- Stephen White OU Compsoc System Administration Team <swhiteat_private> http://www.ox.compsoc.net/~swhite/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:20:36 PDT