Smurfable Linux Kernel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Smurfable Linux Kernel
- From: Tomasz Chomiuk <t.chomiuk@xxxxx>
- Date: Thu, 30 Mar 2006 14:16:38 +0100
- Reply-to: t.chomiuk@xxxxx
- User-agent: Mozilla Thunderbird 1.0.7 (X11/20060126)
Hi list,
A couple of months ago I pointed out to the Linux Kernel networking
maintainers an oversight which caused the kernel to be vulnerable to
some form of smurf attack.
The problem lay in the kernel's inability to ignore icmp timestamp
broadcast requests, thus IP networks with Linux boxes on board could
lend themselves to possible DoS attacks.
The problem was fixed straight away and is now missing from the 2.6.13
branch. Described misbehavior can now be controlled via
icmp_echo_ignore_broadcasts sysctl.
- Tomek
[Index of Archives]
[Linux Security]
[Netfilter]
[PHP]
[Yosemite News]
[Linux Kernel]
