Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Cade Cairns (cairnscsecurityfocus.com)
Date: Thu Jul 26 2001 - 17:39:23 CDT
On Wed, 25 Jul 2001, Michal Zalewski wrote:
> Uh-huh. Tested it on Linux 2.2 and 2.4, can't confirm the problem. It
> would be pretty strange, btw, since it simply generates normal UDP packet,
> no black magic, really, and remote system, unless there's comast service
> running, politely responds with 'ICMP destination port unreachable', which
> is translated into 'Connection refused'.
After Stefan made his post to Bugtraq, I performed a few tests on machines
running Linux 2.2.14 and Linux 2.4.0. I wrote a simple test program to
send a large number of small messages to an arbitrary serviceless port on
the target machines.
I was able to reproduce the problem on a slower (400mhz) machine running
2.4.0, it virtually stopped responding until the flood ended.