Re: UDP packet handling weird behaviour of various operating systems

[Cade Cairns <cairnsc () securityfocus com>]

On Wed, 25 Jul 2001, Michal Zalewski wrote:

> Uh-huh. Tested it on Linux 2.2 and 2.4, can't confirm the problem. It
> would be pretty strange, btw, since it simply generates normal UDP packet,
> no black magic, really, and remote system, unless there's comast service
> running, politely responds with 'ICMP destination port unreachable', which
> is translated into 'Connection refused'.

After Stefan made his post to Bugtraq, I performed a few tests on machines
running Linux 2.2.14 and Linux 2.4.0.  I wrote a simple test program to
send a large number of small messages to an arbitrary serviceless port on
the target machines.

I was able to reproduce the problem on a slower (400mhz) machine running
2.4.0, it virtually stopped responding until the flood ended.

Cade Cairns
SecurityFocus
http://www.securityfocus.com/