Re: To kill a sun:

James Lockwood (james@VANEYCK.GII.GETTY.EDU)
Sun, 14 Dec 1997 00:33:44 -0800

On Sat, 13 Dec 1997, Jason Zapman II wrote:

> This is sunkill.c
> It Affects at least solaris 2.5.1 machines, both sun4c and sun4m
> achitecutures. I imagine it affects all solaris 2.5.1 machines, both sparc
> and x86, but im not sure. It basically works by opening a telnet


I just tested this on a Solaris 2.6 sun4c machine (an old SS1+ I use as a
PPP server), and it seems to hang the machine for about 30-45 seconds, and
then it recovers. Tried hammering it a number of times, but I couldn't
reproduce a total lock-up.

It looks like Solaris 2.6 isn't vulnerable to this attack from a crashing
standpoint, but it's quite effective as a denial of service attack. I'll
try it on some fully patched 2.4 and 2.5 machines on monday.


James D. Lockwood The Getty Information Institute
System Administrator 1200 Getty Center Drive, Suite 300 Los Angeles, CA 90049-1680