On Wed, 25 Jul 2001, Michal Zalewski wrote: > Uh-huh. Tested it on Linux 2.2 and 2.4, can't confirm the problem. It > would be pretty strange, btw, since it simply generates normal UDP packet, > no black magic, really, and remote system, unless there's comast service > running, politely responds with 'ICMP destination port unreachable', which > is translated into 'Connection refused'. After Stefan made his post to Bugtraq, I performed a few tests on machines running Linux 2.2.14 and Linux 2.4.0. I wrote a simple test program to send a large number of small messages to an arbitrary serviceless port on the target machines. I was able to reproduce the problem on a slower (400mhz) machine running 2.4.0, it virtually stopped responding until the flood ended. Cade Cairns SecurityFocus http://www.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Jul 26 2001 - 20:50:20 PDT