Back to the main page

Mailing List Logs for ShadowRN

Message no. 1
From: Tzeentch tzeentch666@*********.net
Subject: The Matrix: Gearhead Errata
Date: Mon, 29 Nov 1999 20:42:06 -0800
After talking to my more knowledgeable friend and having him review the
posts here's his short answer to pingflooding..

PINGFLOODS
"...you can do it now, and you don't need even close to equal bandwidth..
ping uses ICMP-Echo and ICMP-Echo-response packets. The ICMP-Echo message
is much much smaller than the ER message the router sends back for a ping.
Forge your source IP so that the messages can't flood you back.. and theres
how pingfloods work.."

IGNORING TRAFFIC
"...also, even if your router is "ignoring" the packets.. they're still
wasting it's bandwidth.. even if it's not doing anything with them but
sending them to /dev/null."

There you have it, I stand corrected. He did not spot any other logical
problems so I'm in the clear with the rest of the stuff it seems :)

I'm making him give a more in-depth brief on it but he claimed he needed
sleep (the wimp) so it won't be done until tomorrow.

Ken
Message no. 2
From: lomion lomion@*********.org
Subject: The Matrix: Gearhead Errata
Date: Mon, 29 Nov 1999 21:42:03 -0800
At 08:42 PM 11/29/99 -0800, you wrote:
>After talking to my more knowledgeable friend and having him review the
>posts here's his short answer to pingflooding..
>
>PINGFLOODS
>"...you can do it now, and you don't need even close to equal bandwidth..
>ping uses ICMP-Echo and ICMP-Echo-response packets. The ICMP-Echo message
>is much much smaller than the ER message the router sends back for a ping.
>Forge your source IP so that the messages can't flood you back.. and theres
>how pingfloods work.."

lots better ways to do this than a ping flood, think syn attacks, and other
nastiness.

forging an ip isnt so easy, cracking a remote system and using that to do
the deed is more logical and easier.

>IGNORING TRAFFIC
>"...also, even if your router is "ignoring" the packets.. they're still
>wasting it's bandwidth.. even if it's not doing anything with them but
>sending them to /dev/null."

not necessarily, there are ways to deal with it so it doesn't impact you
directly.

--lomion

Further Reading

If you enjoyed reading about The Matrix: Gearhead Errata, you may also be interested in:

Disclaimer

These messages were posted a long time ago on a mailing list far, far away. The copyright to their contents probably lies with the original authors of the individual messages, but since they were published in an electronic forum that anyone could subscribe to, and the logs were available to subscribers and most likely non-subscribers as well, it's felt that re-publishing them here is a kind of public service.

Thwap!