[107] in bugtraq
Talkd storms
daemon@ATHENA.MIT.EDU (Charles Howes)
Sat Oct 29 08:52:53 1994
Date: Sat, 29 Oct 1994 04:42:57 -0700 (PDT)
From: Charles Howes <chowes@helix.net>
To: Jas <matt@uts.EDU.AU>
Cc: bugtraq@fc.net
In-Reply-To: <9410291055.AA11454@matt.itd.uts.edu.au>
On Sat, 29 Oct 1994, Jas wrote:
> Charles Howes wrote this...
> >
> > Lately, there's been a few denial-of-service attacks with a twist,
> > using talkd.
> >
> > Apparently, if you send the right packet to a talkd port, you can get
> > talkd to pick a fight with talkd on an arbitrary host. The network
> > between the hosts quickly becomes unusable.
> >
> > 1) Anyone found the program (can flash do it?) to demonstrate?
> > 2) Anyone fixed it yet? :-)
> >
> does it use source routing? have you seen it happen? i am intrigued, and
> sorry i have no futher info on it, but i will scan thorugh the talkd code
> to see if i can find anything that might do this.
>
>
> Matt
I have been told that the network outage that occurred with our network
provider two days ago was caused by a storm of packets headed to/from
talkd. A previous storm was rumored to have happened at a local
university several months ago.
It may or may not have involved source routing, it may or may not have
involved a completely bogus packet, carefully crafted on a PC or
root-broken unix box. Considering that 'flash' doesn't require any
special privileges, this attack may be do-able by anyone with a unix
account.
I'd like to know how it is possible, and how to make it either
1) Not possible, and/or
2) Traceable
--
Charles Howes -- chowes@helix.net
I was gratified that I could answer quickly. I said that I didn't know.
- Mark Twain
