Bugtraq: Re: udp packet storms - ping death

[perry () imsi com (Perry E. Metzger)]

"Michael Neuman" says:
> Perry Metzger says:
> > Charles Howes says:
> > > > Our copy of ping is installed setuid root; ...
> > > So you mean that any student at princeton can panic any Sun there just by
> > > typing that command?  Cool...
> > There are already so many ways to panic suns from userland...
>  Here's a complete waste of bandwidth and everyone's time... Name as many
> ways to remotely panic a Sun that you know of, Perry, or don't fill the 
> ether with this worthless drivel.
Truncating /dev/audio (although this seems to have been fixed in
4.1.3, or at least 4.1.3_U1). Doing unexpected things the streams
networking drivers seems to do nicely, too. I used to have a big list
of things to panic suns, but I've misplaced it. I'll search about and
see what I can dig up and check what still panics my current machines.
Generally speaking, "unusual" operations on streams drivers seem to
make 4.1.X machines go gaga. I haven't tried playing with the mouse
driver; it looks like a nice place to check next.

I also haven't tried running the program that generates random code
and executes it lately. I believe it was called something like
"crashme" but I'm probably wrong. I recall that it used to do nicely
under older 4.1.X environments, though the latest 4.1.3s might not go
south any longer. I'll have to check...

Perry