[156] in bugtraq
Re: udp packet storms - ping death
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Thu Nov 3 10:21:15 1994
To: "Michael Neuman" <mcn@c3serve.c3.lanl.gov>
Cc: bugtraq@fc.net
In-Reply-To: Your message of "Wed, 02 Nov 1994 21:34:55 MST."
<199411030434.VAA08169@c3.lanl.gov>
Reply-To: perry@imsi.com
Date: Thu, 03 Nov 1994 07:56:55 -0500
From: "Perry E. Metzger" <perry@imsi.com>
"Michael Neuman" says:
> Perry Metzger says:
> > Charles Howes says:
> > > > Our copy of ping is installed setuid root; ...
> > >
> > > So you mean that any student at princeton can panic any Sun there just by
> > > typing that command? Cool...
> >
> > There are already so many ways to panic suns from userland...
>
> Here's a complete waste of bandwidth and everyone's time... Name as many
> ways to remotely panic a Sun that you know of, Perry, or don't fill the
> ether with this worthless drivel.
Truncating /dev/audio (although this seems to have been fixed in
4.1.3, or at least 4.1.3_U1). Doing unexpected things the streams
networking drivers seems to do nicely, too. I used to have a big list
of things to panic suns, but I've misplaced it. I'll search about and
see what I can dig up and check what still panics my current machines.
Generally speaking, "unusual" operations on streams drivers seem to
make 4.1.X machines go gaga. I haven't tried playing with the mouse
driver; it looks like a nice place to check next.
I also haven't tried running the program that generates random code
and executes it lately. I believe it was called something like
"crashme" but I'm probably wrong. I recall that it used to do nicely
under older 4.1.X environments, though the latest 4.1.3s might not go
south any longer. I'll have to check...
Perry
