Vulnerability Development: Re: ping flooding as normal user

[Bluefish <11a () GMX NET>]

I'm no expert on network coding in the unix environment (or any other
environment for that sake ;) but I'm wondering how big this issue is. I
mean, basicly the main problem is that bandwidth per user isn't limited
(for a number of sites, being able to limit that for ordinary users might
be interesting - not only to avoid abuse)

Secondary, why is ping suid? is this needed for sending these IMCP
packets? If this can be by any user application I really don't think
there's anything to fix in ping, then it would be a something to patch in
the kernels, if it is concidered a needed feature.

> -s parameter of ping command has no upper limit for normal users.
> This allows normal users to send for example 1 * 60000 bytes of ICMP data
> per second (from one copy of ping invoked)
> I think it's just great for DoSing ;o)
Windows 95 ping is way more "flood friendly" than the gnu ping, btw.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team