[11100] in bugtraq
Linux +ipchains+ ping -R
daemon@ATHENA.MIT.EDU (Andrej Todosic)
Fri Jul 23 19:50:21 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-Id: <2EFD9DB7E06AD211BFC700805FC777A401AF4A5D@EXCHMTL1>
Date: Thu, 22 Jul 1999 10:34:17 -0400
Reply-To: Andrej Todosic <atodosic@UBISOFT.QC.CA>
From: Andrej Todosic <atodosic@UBISOFT.QC.CA>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Hello ,
i am not quite sure if this has been discussed or if htere is a fix already
but i d still like to mention it.
linux firewall setup 2.2.5 or 2.2.10 and ipchains + Nat + advanced router
if you are less than nine hops away from it ping -R and ( assuming the fw
lets the packets go through ) you get a kernel panic .
You cant go wrong . i tried it on more than one firewall and more than one
kernel.
PS if you are testing it do make sure you are not going through the fw for a
connection ( which how i screwed myself up and left the ping -R in the
background )
Andrej
