[13932] in North American Network Operators' Group
Re: OPS: SECURITY new packet of death
daemon@ATHENA.MIT.EDU (John Hawkinson)
Fri Nov 21 11:51:06 1997
From: John Hawkinson <jhawk@bbnplanet.com>
To: kline@uiuc.edu (Charley Kline)
Date: Fri, 21 Nov 1997 11:47:31 -0500 (EST)
Cc: nanog@merit.edu
In-Reply-To: <199711211541.JAA30034@spiffy.cso.uiuc.edu> from "Charley Kline" at Nov 21, 97 09:41:33 am
> > land.c is this program
>
> I tried it against a 7505 running 11.2(9)P and a 2511 running 11.2(7a),
> with no obvious bad effects. The announcement does not indicate which
> IOS versions are vulnerable; I'd love to know.
11.1(1) is certainly vulnerable, though in a far more restricted
fashion than most affected TCP/IP stacks are.
I suspect that you may have ben careless in your porting of the exploit...
To answer Mr. Denninger's query, I don't really feel that releasing the
portable version of the exploit on a list with as many unsavory characters
as NANOG is really a great plan. In the grand scheme of things it almost
certainly doesn't matter, but I'll nevertheless
avoid it.
--jhawk
