[plug] local DoS with ping -R

Anthony J. Breeds-Taurima tony at cantech.net.au
Mon Dec 13 11:37:47 WST 1999


On Mon, 13 Dec 1999, Matt Kemner wrote:

> On Mon, 13 Dec 1999, Anthony J. Breeds-Taurima wrote:
> 
> > On RedHat 6.1 (with all the latest updates)as a completely ordinary user I
> > can ping -s :(
> > 
> > ~$ ping -s 65536 www.cantech.net.au
> > Error: packet size 65536 is too large. Maximum is 65507
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > I think this is VERY bad :(
> 
> So can you ping -s 65468 -R ?
> (WARNING, this will kill the machine if you're running 2.0)

I can quite happily
ping -s 65468

If I add the Record Route option (-R) I get a nice message saying:
~$ ping -s 65468 -R www
Error: packet size 65468 is too large. Maximum is 65467

So this ping util wont let you build a dangerous ping packet, in this instance
anyway.


I can't wait 'till I get a dedicated shell server.

Yours Tony.



More information about the plug mailing list