Home page logo

bugtraq logo Bugtraq mailing list archives

Secure Ping 1.0
From: buglord () SY NET (Bug Lord)
Date: Thu, 11 Jun 1998 03:36:53 -0400

This is a rather quick and dirty ping mod I whipped up, mostly stuff that
is done by intelligent admins (or else they remove ping access entirely),
but I have never seen a ready-made package for such mods so here goes.
Besides there are far too many people with too much bandwidth who do not
fall under the previous admin catagory (the most obvious example of this
being almost anyone running redhat linux on a university dorm connection). =)
This is done as a complete program rather then a patch in the hopes of
making it as simple as possible for those less cluefully endowed. And if
you're in it for new features, I don't think anyone has ever done the
logging of sigalrm bombs. =)

From the README:

  SecurePing 1.0 by Bug Lord. Based off of netkit-base-0.10 w/ping 0.12.
  Apologies to Solar Designer for ripping the name but I thought of it
  before I remembered Secure-Linux and I'm too tired to rename it. =)

  Ping was designed with the best of intentions, allowing users and admins
  alike to test their networks. Unfortunately, too often it is associated
  with Denial of Service attacks, and is often disabled (at least for
  non-root users). With the standard ping distributed on most systems today,
  a non-root user can easily cause DoS attacks even without the -f flood
  option. What admin hasn't logged on one day to see twenty "ping -s 65000"
  processes happily sucking up your network resources? It seems anywhere
  there is ping and a non-trusted user, chaos ensues. Not to mention having
  to explain why your box was responsible when the person being hit calls
  you or your uplink. What a headache, no wonder people disable ping.

  The goal of this program is to permit benign activity from well-meaning
  users while preventing malicious users from flooding others, and logging
  such attempts.

   - Admin-definable packet size limits for root and non-root users.
   - Log attempted unauthorized flood/preload and over-size-limit attempts.
   - Log and prevents SIGALRM-bomb floods.
   - REAL simple + easy Libc/Glibc support

Possible Future Additions
   - Limits on the number of times one user can run ping simultaneously.
   - Size limits for more than "root" and "not-root". Groups, etc.
   - Dynamic configuration, perhaps /etc/ping.conf or some such.
   - Log total bytes sent/received during a ping session.

  Linux... As much as I would like to develop programs for other environments,
  the unfortunate fact is that I don't have access to any non-linux systems.
  If you can provide a (legit) account on another environment (FreeBSD most
  especially needed), please contact me.

How to use
  Just edit config.h, everything is clearly explained there.
  Then configure, make, and make install as root. If you can't figure this
  part out then maybe this program is not for you. =)

Thanks to
  Kerry and Kyle for the motivation (good job guys), habit for the spell
  checking, Ted & Ramsey for my phone bills, and anyone else that I forgot.

  IRC: Bug_Lord (EFnet)
  EMAIL: buglord () sy net

Latest Version
  The latest version of SecurePing can be found at http://www.sy.net/security

Shameless Plug
  Visit http://shell.sy.net for the most affordable, reliable, stable, and
  secure shells available to mere mortals.

  By Date           By Thread  

Current thread:
  • Secure Ping 1.0 Bug Lord (Jun 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]