[5786] in bugtraq
Re: To kill a sun:
daemon@ATHENA.MIT.EDU (David LeBlanc)
Sun Dec 14 14:57:28 1997
Date: Sun, 14 Dec 1997 00:13:29 -0500
Reply-To: David LeBlanc <dleblanc@MINDSPRING.COM>
From: David LeBlanc <dleblanc@MINDSPRING.COM>
X-To: Jason Zapman II <zapman@CC.GATECH.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <hvg4t4dufyk.fsf@vinnie.cc.gatech.edu>
At 03:48 PM 12/13/97 -0500, Jason Zapman II wrote:
>This is sunkill.c
>
>It Affects at least solaris 2.5.1 machines, both sun4c and sun4m
>achitecutures. I imagine it affects all solaris 2.5.1 machines, both sparc
>and x86, but im not sure. It basically works by opening a telnet
>connection on the victim machine and sends a few bad telnet negotiation
>options, then flooods the port with lots of ^D characters. This uses all
>the streams memory (i think) on the victims machine and causes the kernel
>to get very angry. The machien crawls to a halt, the cursor in X stops
>moving, the machine is unresponsive to the network. Its a bad situation
>all around.
In testing against Linux 2.0.29, it appears to cause the load average to
slowly rise. It has been running for a couple of minutes, and the host
seems to be tolerating it OK, but it does seem a little annoyed. Nothing
like what you report vs. Solaris. The Linux box shows no signs of
terminating the connection, though - IMHO, that is a bad thing.
How long does it have to run vs. Solaris to cause mayhem? Has anyone else
found any other OS's vulnerable?
David LeBlanc |Why would you want to have your desktop user,
dleblanc@mindspring.com |your mere mortals, messing around with a 32-bit
|minicomputer-class computing environment?
|Scott McNealy
