Re: udp packet storms

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Chris Ellwood: "Re: udp packet storms"
• Previous message: John Hawkinson: "Re: udp packet storms"
• In reply to: Pat Myrto: "Re: udp packet storms"
• Next in thread: Tim Newsham: "Re: udp packet storms"

To my knowledge, the broadcast trick will not work -- the "broadcast"
will not go out on the ethernet or other broadcast address because the
broadcast socket option will not have been selected and the packet
will not be broadcast in reply. The echo loop between two hosts might,
of course...

Perry

Pat Myrto says:
> "In the previous message, Tim Newsham said..."
> > 
> > There's at least one way to make a UDP packet storm.  Not
> > very hard to do:
> > 
> >    src address = 255.255.255.255 port 7
> >    dst address = <some host> port 7
> > 
> > the port will be echoed by the inetd (echo port) back to the
> > sender (255.255.255.255 port 7).  Each machine with an inetd
> > that has echo enabled will echo the packet back to the first
> > machine.  Broadcast addresses need not be used:
> > 
> >   src address = <some host> port 7
> >   dst address = <some other host> port 7
> > 
> > I imagine the same can be done with talkd packets.  UDP source
> > addresses are easy to forge.
> 
> That's interesting - it amounts to a feedback loop (in electrical
> or audio terminology).  Is there a way to interrupt this sort of
> thing (short of killing inetd or the involved daemon) or rebooting (a
> drastic method of doing the same thing)?
> 
> How would one prevent this without disabling the udp services?

• Next message: Chris Ellwood: "Re: udp packet storms"
• Previous message: John Hawkinson: "Re: udp packet storms"
• In reply to: Pat Myrto: "Re: udp packet storms"
• Next in thread: Tim Newsham: "Re: udp packet storms"