On Mon, 2 Dec 1996 ichudov@algebra.com wrote:
What is the risk of publishing your dynamic IP address to a web page while you are on line? How vulnerable is someone just connected to the internet, w/o any server running? What attacks are feasable? --Internaut
Well, if you are running Win95 (all) or 3.1 (w/certain TCP/IP stacks) your machine can be locked up or rebooted at *any* time using just PING!
Isn't is Unix that is actually vulnerable?
I have never been able to cause more than a mild performance degredation by pinging a Windows 95 machine with large packets. When testing the idea I kept increasing the packet size until the machine no longer responded, but the machine still had TCP/IP capabilities (in terms of transmitting data and forming connections). Ping flooding is another matter though. You probably could cause a larger performance drop. ____________________________________________________ [ Bruce M. - bkmarsh@feist.com - Feist Systems, Inc. ] ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ "We don't want to get our butts kicked by a bunch of long-haired 26-year-olds with earrings." -- General John Sheehan on their reasons for InfoWar involvement