Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Smurfable Linux Kernel

from [Tomasz Chomiuk] Network Security [Permanent Link]
Subject: Smurfable Linux Kernel
Date: Thu, 30 Mar 2006 14:16:38 +0100 
Hi list,

A couple of months ago I pointed out to the Linux Kernel networking maintainers an oversight which caused the kernel to be vulnerable to some form of smurf attack.

The problem lay in the kernel's inability to ignore icmp timestamp broadcast requests, thus IP networks with Linux boxes on board could lend themselves to possible DoS attacks.

The problem was fixed straight away and is now missing from the 2.6.13 branch. Described misbehavior can now be controlled via icmp_echo_ignore_broadcasts sysctl.

- Tomek

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Smurfable Linux Kernel, Tomasz Chomiuk <=
Previous by Date:  Re: On classifying attacks, David M Chess
Next by Date:  [SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials in winbindd log files, Gerald (Jerry) Carter
Previous by Thread:  McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability, Juha-Matti Laurio
Next by Thread:  [SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials in winbindd log files, Gerald (Jerry) Carter
Indexes:  [Date] [Thread] [Top] [All Lists]