From: "Bruce M." <bkmarsh@feist.com>
Date: Mon, 2 Dec 1996 16:58:56 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: IP address
In-Reply-To: <199612021038.EAA02902@manifold.algebra.com>
Message-ID: <Pine.BSI.3.91.961202185629.4826A-100000@wichita.fn.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 2 Dec 1996 ichudov@algebra.com wrote:

> > >What is the risk of publishing your dynamic IP address to a web page while you are on line?  How vulnerable is someone just connected to the internet, w/o any server running? What attacks are feasable? --Internaut
> > 
> > Well, if you are running Win95 (all) or 3.1 (w/certain TCP/IP stacks) your
> > machine can be locked up or rebooted at *any* time using just PING!
> > 
> 
> Isn't is Unix that is actually vulnerable?

    I have never been able to cause more than a mild performance 
degredation by pinging a Windows 95 machine with large packets.  When 
testing the idea I kept increasing the packet size until the machine no 
longer responded, but the machine still had TCP/IP capabilities (in terms 
of transmitting data and forming connections).  Ping flooding is another 
matter though.  You probably could cause a larger performance drop.

             ____________________________________________________
            [ Bruce M. - bkmarsh@feist.com - Feist Systems, Inc. ]
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      "We don't want to get our butts kicked by a bunch of long-haired 
        26-year-olds with earrings." -- General John Sheehan on their 
                       reasons for InfoWar involvement