[411] in Best-of-Security
BoS: Re: `smurf' multi-broadcast icmp attack
daemon@ATHENA.MIT.EDU (Brad Powell)
Tue Oct 21 20:34:39 1997
Date: Thu, 16 Oct 1997 08:58:17 -0700
Reply-To: Brad Powell <brad.powell@WEST.SUN.COM>
From: Brad Powell <brad.powell@WEST.SUN.COM>
Old-X-Originally-To: To: BUGTRAQ@NETSPACE.ORG
Old-X-Originated-From: From: Brad Powell <brad.powell@WEST.SUN.COM>
Errors-To: best-of-security-request@cyber.com.au
To: best-of-security@cyber.com.au
Resent-From: best-of-security@cyber.com.au
----------
X-Sun-Data-Type: text
X-Sun-Data-Description: text
X-Sun-Data-Name: text
X-Sun-Charset: us-ascii
X-Sun-Content-Lines: 15
Therapy,
Thanks for fix for linux! In the spirit of sharing, below is a shell
script that is part of titan a tool suite that fixes many of these common
problems in/for Solaris (only/mostly).
=======================================================================
Brad Powell : brad.powell@Sun.COM
Sr. Network Security Consultant
Sun Microsystems Inc.
=======================================================================
The views expressed are those of the author and may
not reflect the views of Sun Microsystems Inc.
=======================================================================
----------
X-Sun-Data-Type: shell-script
X-Sun-Data-Description: shell-script
X-Sun-Data-Name: disable-ping.echo.sh
X-Sun-Charset: us-ascii
X-Sun-Content-Lines: 63
#!/bin/sh
# bpowell 06/21/97 script to add the ndd line to disable response to echo
# modifies S69inet
#
# Note
###
# This tool suite was written by and is copyright Brad Powell 1991,
# 1992, 1993, 1994, 1995, and 1996, with help and input from Casper Dik,
# Alec Muffett, Dan Farmer, and Matt Archibald.
#
# The copyright holder disclaims all responsibility or liability with
# respect to its usage or its effect upon hardware or computer
# systems, and maintains copyright as set out in the "LICENCE"
# document which accompanies distribution.
#
# Titan version 0.1
#
# setup
PATH=/usr/ucb:/bin:/usr/bin:/sbin
MYNAME=`basename $0`
# Check for execution by root
if [ `/usr/xpg4/bin/id -un` != root ]
then
echo " "
echo >&2 "$MYNAME: error: must be run as root."
echo " "
exit 1
fi
# Introduction
# cat << EOF
#
# This disables ip_respond_to_echo_broadcast so that specific ping crashes
# don't work
# The program modifies /etc/rc2.d/S69inet
#
# ndd -set /dev/ip ip_respond_to_echo_broadcast 0
# EOF
# echo press enter to continue"\c"
# read YN
if test -f /etc/rc2.d/S??inet
then
echo " Now adding the new ndd command"
ed - /etc/rc2.d/S??inet <<- !
g/tcp_old_urp_interpretation
a
ndd -set /dev/ip ip_respond_to_echo_broadcast 0
.
w
Q
!
echo " Modifcations to rc2.d complete"
fi
echo " Done."
