[5787] in bugtraq
Re: To kill a sun:
daemon@ATHENA.MIT.EDU (James Lockwood)
Sun Dec 14 14:57:33 1997
Date: Sun, 14 Dec 1997 00:33:44 -0800
Reply-To: James Lockwood <james@VANEYCK.GII.GETTY.EDU>
From: James Lockwood <james@VANEYCK.GII.GETTY.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <hvg4t4dufyk.fsf@vinnie.cc.gatech.edu>
On Sat, 13 Dec 1997, Jason Zapman II wrote:
> This is sunkill.c
>
> It Affects at least solaris 2.5.1 machines, both sun4c and sun4m
> achitecutures. I imagine it affects all solaris 2.5.1 machines, both sparc
> and x86, but im not sure. It basically works by opening a telnet
...
I just tested this on a Solaris 2.6 sun4c machine (an old SS1+ I use as a
PPP server), and it seems to hang the machine for about 30-45 seconds, and
then it recovers. Tried hammering it a number of times, but I couldn't
reproduce a total lock-up.
It looks like Solaris 2.6 isn't vulnerable to this attack from a crashing
standpoint, but it's quite effective as a denial of service attack. I'll
try it on some fully patched 2.4 and 2.5 machines on monday.
-James
=============================================================================
James D. Lockwood The Getty Information Institute
System Administrator 1200 Getty Center Drive, Suite 300
james@gii.getty.edu Los Angeles, CA 90049-1680
