[plug] local DoS with ping -R
Matt Kemner
zombie at networx.net.au
Mon Dec 13 10:22:28 WST 1999
On Mon, 13 Dec 1999, Christian wrote:
> How do people ping flood others using /bin/ping unless they have root
> access? (in which case not being setuid doesn't help.) There was a bug
> with the signal handling which allowed an effective ping flood but hasn't
> this been fixed?
You can flood somebody's link quite effectively by using
"ping -s <some really big number> <their IP address>"
If you run several such pings from a machine with a suitably large link
(like an ISP's or uni's shell server) then the recipient can kiss goodbye
to their modem link for the duration.
I found many of our online-games-playing customers were using it to cheat,
and it was starting to take up too much of my time chasing them up, so I
disabled the -s flag.
- Matt(now wondering if I should modify it again so that if they try -s,
it works out who they are and floods their modem instead :)
More information about the plug
mailing list