Re: To kill a sun:

James Lockwood (james@VANEYCK.GII.GETTY.EDU)
Sun, 14 Dec 1997 00:33:44 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Vulnerabilities in ICQ"
Previous message: YAMAMORI Takenori: "SunOS4.1.4 another tmpfs bug"
Maybe in reply to: Jason Zapman II: "To kill a sun:"
Next in thread: Craig Johnston: "Re: To kill a sun:"

On Sat, 13 Dec 1997, Jason Zapman II wrote:

> This is sunkill.c
>
> It Affects at least solaris 2.5.1 machines, both sun4c and sun4m
> achitecutures. I imagine it affects all solaris 2.5.1 machines, both sparc
> and x86, but im not sure. It basically works by opening a telnet

...

I just tested this on a Solaris 2.6 sun4c machine (an old SS1+ I use as a
PPP server), and it seems to hang the machine for about 30-45 seconds, and
then it recovers. Tried hammering it a number of times, but I couldn't
reproduce a total lock-up.

It looks like Solaris 2.6 isn't vulnerable to this attack from a crashing
standpoint, but it's quite effective as a denial of service attack. I'll
try it on some fully patched 2.4 and 2.5 machines on monday.

-James

=============================================================================
James D. Lockwood The Getty Information Institute
System Administrator 1200 Getty Center Drive, Suite 300
james@gii.getty.edu Los Angeles, CA 90049-1680

Next message: Alan Cox: "Vulnerabilities in ICQ"
Previous message: YAMAMORI Takenori: "SunOS4.1.4 another tmpfs bug"
Maybe in reply to: Jason Zapman II: "To kill a sun:"
Next in thread: Craig Johnston: "Re: To kill a sun:"