Re: stream.c

From: Brian (signal@shreve.net)
Date: Sat Jan 22 2000 - 12:33:09 EST


On Sat, 22 Jan 2000, Michael H. Warfield wrote:

> On Sat, Jan 22, 2000 at 10:47:49AM -0600, Brian wrote:
>
> > Does the prospect of coming up with a solution to stop attacks on the
> > kernel from stream.c look good? With so many OS's vulnerable, I am sure
> > Linux will be one of the first fixed. I don't suppose their is anything
> > we can do in the meantime to lessen the effects is there?
>
> We've been looking over stream.c can't see that there is a problem.
> I've had numerous systems under fire from stream.c for hours with barely
> a slowup. Alan's unimpressed, I'm unimpressed (I'm the Senior Researcher
> for Internet Security Systems). We haven't been able to blow up a single
> Linux system using this utility.
>
> You say "With so many OS's vulnerable". Based on what? The
> reports that I saw on BugTraq said that it blows up FreeBSD. There
> is a patch out there for FreeBSD.

Sorry, I was relaying what I had heard on some lists. Specifically the
NANOG list, obviously bad information.

> You got some specifics or are you just going off on unsubstantiated
> rumors? If you've got some specific conditions under which you have seen
> stream.c (packet length and service would be handy) take out a Linux box
> by any means other than clogging a connecting router, I would love to hear
> what those conditions are.

Sorry about that I will try to verify that information before posting
again.

Brian

>
> > Brian
>
>
> > -----------------------------------------------------
> > Brian Feeny (BF304) signal@shreve.net
> > 318-222-2638 x 109 http://www.shreve.net/~signal
> > Network Administrator ShreveNet Inc. (ASN 11881)
>
> Mike
> --
> Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com
> (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
>

-----------------------------------------------------
Brian Feeny (BF304) signal@shreve.net
318-222-2638 x 109 http://www.shreve.net/~signal
Network Administrator ShreveNet Inc. (ASN 11881)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:28 EST