Vulnerability Development: Re: "Re: ping flooding as normal user" and strange icmp behaviorwithLinux 2.4

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: "Re: ping flooding as normal user" and strange icmp behaviorwithLinux 2.4

From: Alon Oz <alon () LINUXQA COM>
Date: Sun, 20 Aug 2000 12:17:34 +0300

Sebastian Pape wrote:

hi!

It's also a good idea to prevent normal users from using
ping. "chmod 700 /bin/ping" should do the trick.

What's that good for? If you have net access you can get "your own
ping".


Ping needs to be suid root in order to run.

A better idea would be to allow normal users to use ping, but only
allow normal pings (no options like "-p" and "-s").

iirc there should be a secure ping which prevents for example attacks
with a program called pingflood and has the ability to log to syslogd.

best regards

        Sebastian


        -- Alon

--
For Sale: Parachute used only once, never opened, small stain.

By Date By Thread

Current thread:

Re: ping flooding as normal user, (continued)
- Re: ping flooding as normal user Glen Rosenblatt (Aug 14)
  - Re: ping flooding as normal user Slawek (Aug 14)
    - Re: ping flooding as normal user Cam (Aug 15)
- "Re: ping flooding as normal user" and strange icmp behavior with Linux 2.4 Weston Pawlowski (Aug 17)
  - Re: "Re: ping flooding as normal user" and strange icmp behavior withLinux 2.4 Sebastian Pape (Aug 18)
    - Re: "Re: ping flooding as normal user" and strange icmp behaviorwithLinux 2.4 Alon Oz (Aug 20)
  - Re: "Re: ping flooding as normal user" and strange icmp behavior with Linux 2.4 Slawek (Aug 20)