stream.c

Brian signal en shreve.net
Dom Ene 23 02:52:33 CST 2000 

On Sat, 22 Jan 2000, Michael H. Warfield wrote:

> On Sat, Jan 22, 2000 at 10:47:49AM -0600, Brian wrote:
> 
> > Does the prospect of coming up with a solution to stop attacks on the
> > kernel from stream.c look good?  With so many OS's vulnerable, I am sure
> > Linux will be one of the first fixed.  I don't suppose their is anything
> > we can do in the meantime to lessen the effects is there?
> 
> 	We've been looking over stream.c can't see that there is a problem.
> I've had numerous systems under fire from stream.c for hours with barely
> a slowup.  Alan's unimpressed, I'm unimpressed (I'm the Senior Researcher
> for Internet Security Systems).  We haven't been able to blow up a single
> Linux system using this utility.
> 
> 	You say "With so many OS's vulnerable".  Based on what?  The
> reports that I saw on BugTraq said that it blows up FreeBSD.  There
> is a patch out there for FreeBSD.

Sorry, I was relaying what I had heard on some lists.  Specifically the
NANOG list, obviously bad information.

> 	You got some specifics or are you just going off on unsubstantiated
> rumors?  If you've got some specific conditions under which you have seen
> stream.c (packet length and service would be handy) take out a Linux box
> by any means other than clogging a connecting router, I would love to hear
> what those conditions are.

Sorry about that I will try to verify that information before posting
again.

Brian


> 
> > Brian
> 
> 
> > -----------------------------------------------------
> > Brian Feeny (BF304)     signal en shreve.net   
> > 318-222-2638 x 109	http://www.shreve.net/~signal      
> > Network Administrator   ShreveNet Inc. (ASN 11881) 	      
> 
> 	Mike
> -- 
>  Michael H. Warfield    |  (770) 985-6132   |  mhw en WittsEnd.com
>   (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
>   NIC whois:  MHW9      |  An optimist believes we live in the best of all
>  PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
> 

-----------------------------------------------------
Brian Feeny (BF304)     signal en shreve.net   
318-222-2638 x 109	http://www.shreve.net/~signal      
Network Administrator   ShreveNet Inc. (ASN 11881) 	      


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Más información sobre la lista de distribución Ayuda