Government scrutiny is headed our way
Brett Frankenberger
brettf at netcom.com
Sun Jun 21 20:59:43 UTC 1998
:: Joe Shaw writes ::
>
> > Next there is a rumor that 8000 users have been infected with a tweaked
> > system.exe file that makes that user a smurf amplifier unwittingly. These
> > are things to watch for. I wish there was an easier way to break bad news.
>
> I fell out of my chair at that statement. One user/host cannot be a smurf
> amplifier; one network from a /30 and down can with different results.
If I modify my kernel to generate 100 ECHO REPLYs for each ICMP ECHO I
recieve, how is my PC signifigantly different than a /24 behind a
router that doens't have "no ip directed-boradcast" (or it's
equivalent) configured, with 100 devices on it that all respond to ICMP
ECHOs addressed to the boracast address?
I'm not saying that I believe this rumor (or even that I've heard it
before now), nor am I saying that the rumor has as much thought behind
it as my previous paragraph does, nor am I saying that if you were
going to implement such a thing on a Windows machine that you would
implement it in system.exe. (I'm not even saying that system.exe
exists.)
But I am saying that such a thing is technically feasible. And I am
saying that there are people out there who are not above writing a
virus that facilitiate the use of other people's machines in DOS
attacks.
- Brett (brettf at netcom.com)
------------------------------------------------------------------------------
... Coming soon to a | Brett Frankenberger
.sig near you ... a Humorous Quote ... | brettf at netcom.com
More information about the NANOG
mailing list