Spookie
Jan 24 2004, 04:19 AM
Two Internet software developers who said they have uncovered a way to cause entire networks of computers to freeze or shut down may have simply rediscovered an old network issue.
You can google for the site. Heres the excerpt from their board regarding the below link.
Security pros question flaw find 
| QUOTE |
Friday, November 21, 2003. 03:27 pm cst
As far as we can tell at moment...this is_not in the WILD...
So it is NOT an alert...
it is a caution we felt that is important to relate ...
we have notified CERT as well as a few others.
CERT notified (w/proof of concept) 10 days ago.
--
As many of you know..
we like to be prepared and test systems/platforms
(not just DNS) with our own tools and concepts.
Then we test other systems for comparison.
Well..
We discovered something while testing our own
DNS programs for strength and speed...<ouch>
so we created and tried the concept on other platforms...
This is_not specific to DNS machines, affects any unit.
(All servers and workstations on internet or LAN)
Something which...
is not preventable with most firewalls
<we tested upto cisco rack mounts>
hardware routers and software firewalls
(even with "lock" enabled) may fail or crash.
multiple-platforms are affected,
including possible effects on some (if not all)
linux versions requiring reboots or lost internet.
observations include possible desktop freeze
caution on using onboard (integrated) net cards,
or a network card that is not in A1 condition.
this may lead to lost internet or long recovery
IMPORTANT*
currently the only_way to stay protected is
(not kidding)
either using FreeBSD as a firewall/gateway for the LAN
or enabling the ICF if using WindowsXP or Windows2003
*FreeBSD and ICF enabled units may experience
system slowdowns and possible loss of internet.
OS-X and OpenBSD also share a higher immunity
to our demonstration code. However, when a BSD
derivative platform or an ICF protected machine is
targeted, machines on the same local subnet have
been observed to suffer collateral loss of network
connectivity without physical damage.
NB.
contact me via pgp (support at ntcanuck.com)
*only* if you are able to provide assistance
or if you are a major vendor or manufacturer
and need more details. We can't guarantee
answering all queries from ISP's or OEM's at
this time...busy working on corrective code.
Keep any questions within this group, and address
them to me, others have their own tasks/projects.
I can't give too many details (discretion is important).
NT Canuck |
jetprice
Jan 25 2004, 12:28 AM
What do you expect us to say on this? I don't see any technical details nor will you find the poc code, unless you hack cert (not the best idea).
Is this just to notify us or ?
Please give more information, unless not needed but then make sure this is just to tell us its a serious bug.
greets to all except for wicked.
jetprice.
Spookie
Jan 26 2004, 03:57 AM
This was a posting I came across and thought it would fit in this section of the forum. Wanted to see if anyone else has been hearing or reading of this.
Hence the link and the qoute made by NT Canuck. You can find there forum if you google for it.
