Carolyn P. Meinel Hall of Shame
Hacking Guide Errata
> GUIDE TO (mostly) HARMLESS HACKING
> Vol. 2 Number 3
> Introduction to TCP/IP. That means packets! Datagrams! Ping oversize packet
> denial of service exploit explained. But this hack is a lot less mostly
> harmless than most. Don't try this at home...
Why even make the pretense that this is 'mostly harmless'? This
is a DOS (Denial Of Service) attack, pure and simple. This is most
certainly NOT harmless.
> Now if this has been sounding like gibberish to you, relax. It is really
> very simple. In fact, it is so simple that if you use Windows 95, by the
> time you finish this article you will know a simple, one-line command that
> you could use to crash many Internet hosts and routers.
Would you like to change your mind about this being harmless or not?
> /usr/etc/ping hostname
> If this doesn't work, complain to your ISP's tech support.
Gee. Linux likes to put it in /bin/ping (for newer distributions at
least). Urging people to complain because they can't find a util seems
pointless. How about telling them "whereis" or the more useful "find"
command? Different versions of unix will store 'ping' in different places.
> The easiest way to do this hack is to run Windows 95. Don't have it? You can
> generally find a El Cheapo store that will sell it to you for $99.
I can't believe you even recommend this. That is utterly pathetic. We both
know that a unix box can be made to emulate the larger packet sizes
needed to do this. Why not tell people how to do that rather than tell
them to buy Win95?
Consistency Alert! Now, should they install Linux or Windows 95, as you
mentioned earlier? Should they ditch Linux just so they can ping someone?