[geeks] Ping of Death
Jonathan C. Patschke
jp at celestrion.net
Thu Feb 5 04:23:10 CST 2004
On Thu, 5 Feb 2004, Michael Schiller wrote:
> I am an IT professional.
Translation: "I made it all the way through chapter 3 of the MCSE study
guide." Compare to "I know a lot about computers."
> Recently, one of the routers I maintain started logging ping of death
Ping of death? That attack has been, well, dead for the better part of
a decade now.
> attacks from your IP address. Below is a sample of the log.
Apparently this professional isn't aware that the source portion of an
ICMP header is laughably easy to forge. Given the machines you've
listed as being yours, I sincerly doubt it's coming from your network.
That is, unless you have a wireless segment that you may be
inadvertently sharing with young wankers who have nothing better to do.
Granted, the probability of someone picking your exact IP address to
spoof from is something like 1 in 2^30, but it can happen. Or it could
be that you're getting joe-jobbed (ie: framed).
My advice is to blow the perfeshunal off. Tell him you've done an
audit and it's not coming from your end. Then refer him to TCP/IP
Illustrated, Volume 1 for an explanation of the OSI model and packet
headers.
--
Jonathan Patschke ) "Some people grow out of the petty theft of
Elgin, TX ( childhood. Others grow up to be CEOs and
USA ) politicians." --Phorist
More information about the geeks
mailing list