[20099] in bugtraq
Re: Reliant Unix 5.43 / 5.44 ICMP port unreachable problem
daemon@ATHENA.MIT.EDU (Andrea Barisani)
Mon Apr 9 05:25:16 2001
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.4.10.10104071116210.12434-100000@sole.infis.univ.trieste.it>
Date: Sat, 7 Apr 2001 11:23:20 +0200
Reply-To: Andrea Barisani <lcars@INFIS.UNIV.TRIESTE.IT>
From: Andrea Barisani <lcars@INFIS.UNIV.TRIESTE.IT>
X-To: Gonzalez Albert <Albert.Gonzalez@sms.siemens.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <74EBEEC50B23D411AACC00508B959FC8044C5613@iseexch02.sms.siemens.com>
On Fri, 6 Apr 2001, Gonzalez Albert wrote:
> Andrea,
>
> How could this be reproduced? I have a couple of Reliant Unix boxes over
> here.
>
> Albert
>
Hi Albert,
Just connect from a host to the box via ftp, ssh or telnet and during the
connection send from your host an icmp port unreachable (Type 3 code 3),
you can use tools like sing or icmpush, with sing the syntax is
host# ./sing -du -x port-unreach reliantboxaddress
if you want to spoof from another host do
host1# ./sing -du -x port-unreach -S host reliantboxaddress
Any connections beetween host and reliantbox will be dropped.
I've tested this with three different RU server..
Bye
>
>
> Hi to all,
>
> I don't know if anyone might be interested in this (Reliant Unix is a sort
> of archaeological OS) but sending an icmp port unreachable error to a RU
> cause an immediate drop of all the connections in progress between the
> server and the icmp-sender host, of course spoofing the icmp address
> originator cause the drop of connections between an arbitrary host.
>
> Bye
>
-----------------------------------------------------------
NE&T Network Administrator & Security Officer
Area Science Park - S.S. 14 Km 163.5 Basovizza (TS) - Italy
lcars@newtech.it - PGP Key 0x8E21FE82 - +39 040 3757938
-----------------------------------------------------------
"How would you know I'm mad?" said Alice.
"You must be,'said the Cat,'or you wouldn't have come here"
-----------------------------------------------------------
