On Sat, 29 Oct 1994, Jas wrote: > Charles Howes wrote this... > > > > Lately, there's been a few denial-of-service attacks with a twist, > > using talkd. > > > > Apparently, if you send the right packet to a talkd port, you can get > > talkd to pick a fight with talkd on an arbitrary host. The network > > between the hosts quickly becomes unusable. > > > > 1) Anyone found the program (can flash do it?) to demonstrate? > > 2) Anyone fixed it yet? :-) > > > does it use source routing? have you seen it happen? i am intrigued, and > sorry i have no futher info on it, but i will scan thorugh the talkd code > to see if i can find anything that might do this. > > > Matt I have been told that the network outage that occurred with our network provider two days ago was caused by a storm of packets headed to/from talkd. A previous storm was rumored to have happened at a local university several months ago. It may or may not have involved source routing, it may or may not have involved a completely bogus packet, carefully crafted on a PC or root-broken unix box. Considering that 'flash' doesn't require any special privileges, this attack may be do-able by anyone with a unix account. I'd like to know how it is possible, and how to make it either 1) Not possible, and/or 2) Traceable -- Charles Howes -- chowes@helix.net I was gratified that I could answer quickly. I said that I didn't know. - Mark Twain