Firewalls: Re: anybody know of any vulnerabilities with "echo"

Firewalls
(February 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: anybody know of any vulnerabilities with "echo"
From:	"Joe Smith (Really!)" <joey @ gxl . woodtech . com>
Date:	Sat, 10 Feb 1996 00:27:25 -0600 (CST)
To:	Greg Woods <woods @ ncar . ucar . edu>
Cc:	Michael Baumann <baumann @ proton . llumc . edu>, jason @ OiT . co . uk, brian @ ilinx . bctel . net, brian_murrell @ bctel . net, firewalls @ GreatCircle . COM
In-reply-to:	<199602090250 . TAA08588 @ ncar . ucar . EDU>

What is the loss of disabling echo? Or discard for that matter.

On Thu, 8 Feb 1996, Greg Woods wrote:

> On Thu, 8 Feb 1996, Jason L. Haar wrote:
> > 
> > 
> >I'm wondering if a new vulnerablity with the (a particular implementation
> > maybe) echo server has been found.  Anybody else notice this trend??
> 
> There's a CERT advisory out; forged packets that appear to come from the
> echo port of one host are sent to the echo port of another, causing the
> echo servers to bombard one another. This will hose both machines
> and the net between them, a very effective denial of service attack.
> 
> --Greg
>

Follow-Ups:

Re: anybody know of any vulnerabilities with "echo"
From: blymn @ awadi . com . au (Brett Lymn)
Re: anybody know of any vulnerabilities with "echo"
From: "Paul D. Robertson" <proberts @ clark . net>

Indexed By Date	Previous:	Re: Non-company Access ?? From: Mark Allyn (206) 860-9454 <allyn @ allyn . com>
Indexed By Date	Next:	Re: JAVA security problem ? From: Steve Gibbons <steve @ aztech . net>
Indexed By Thread	Previous:	Re: anybody know of any vulnerabilities with "echo" From: Michael Baumann <baumann @ proton . llumc . edu>
Indexed By Thread	Next:	Re: anybody know of any vulnerabilities with "echo" From: "Paul D. Robertson" <proberts @ clark . net>