[...]
> This is certainly a bug, and a bad one. You aren't supposed to have to
> hack every program that uses UDP not to reply on the broadcast
> address; the need for the sockopt if you want to do a broadcast is
> supposed to protect you. This is Very Bad News. It means that it is
> possible to disable remote networks by sending out chernobylgrams to
> them provided the router shares the defect -- and many firewall
> routers these days run by people who believe in packet filtering are
> BSD based and might have this flaw.
>
> Could people tell us which operating systems have this defect and
> which do not? This is an important one to catch before the evil folks
> get out their packet forgers.
>
> Perry

Don't be fooled by routers (Cisco is a good example) which will answer
broadcast pings - UDP broadcasts still plough on through...and back comes
the flood...(just tested this - ping 1.2.3.0 made the router reply but
using Tim's program, the entire subnet it had wanted to `protect' wanted
to answer).

It would appear that inetd (on HP-UX at least) sets SO_BROADCAST when it
sets up internal services (such as echo)...

darren
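An added example, not part of the original thread: one way a UDP service could apply the per-program check the quoted message mentions, by classifying a datagram's destination address and replying only to unicast addressed to the interface itself. The interface address 1.2.3.17/24 and all function names are assumptions; a real service would obtain the destination address from the socket layer (for example `IP_PKTINFO` on Linux or `IP_RECVDSTADDR` on BSD).

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>

enum dst_kind { DST_INVALID, DST_UNICAST, DST_OTHER_NET,
                DST_LIMITED_BCAST, DST_DIRECTED_BCAST, DST_ZERO_HOST_BCAST };

/* Parse a dotted quad into host byte order; returns 1 on success. */
static int parse4(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1) return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* Classify the destination address of a received datagram against the
 * receiving interface's address and (contiguous) netmask. */
enum dst_kind classify_dst(const char *dst, const char *ifaddr, const char *mask)
{
    uint32_t d, a, m;
    if (!parse4(dst, &d) || !parse4(ifaddr, &a) || !parse4(mask, &m))
        return DST_INVALID;
    if (d == 0xFFFFFFFFu) return DST_LIMITED_BCAST;
    if ((d & m) != (a & m)) return DST_OTHER_NET;
    uint32_t host = ~m;                  /* host-part bits of the subnet */
    if (host > 1) {                      /* /31 and /32 have no broadcast address */
        if ((d & host) == host) return DST_DIRECTED_BCAST;
        if ((d & host) == 0)    return DST_ZERO_HOST_BCAST; /* all-zeros host, e.g. 1.2.3.0 */
    }
    return DST_UNICAST;
}

/* Policy: answer only datagrams addressed to this interface's own address. */
int may_reply(const char *dst, const char *ifaddr, const char *mask)
{
    uint32_t d, a;
    return classify_dst(dst, ifaddr, mask) == DST_UNICAST
        && parse4(dst, &d) && parse4(ifaddr, &a) && d == a;
}

int main(void)
{
    /* Constructed sample: interface 1.2.3.17/24; 1.2.3.0 is the address pinged in the message. */
    const char *dsts[] = { "1.2.3.17", "1.2.3.0", "1.2.3.255", "255.255.255.255" };
    for (int i = 0; i < 4; i++)
        printf("%-16s kind=%d reply=%d\n", dsts[i],
               classify_dst(dsts[i], "1.2.3.17", "255.255.255.0"),
               may_reply(dsts[i], "1.2.3.17", "255.255.255.0"));
    return 0;
}
```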