[ LUGOS ] Teardrop

cRaZYp crazyp na slo.net
Ned Apr 20 21:31:03 CEST 1997


Matej Pfajfar wrote:
> 
> On Mon, 20 Apr 1998, Jure Koren wrote:
> >Zdravo!
> [snip]
> >Oversized packet received from 145.236.254.102
> >Warning: kfree_skb passed an skb still on a list
> >general protection: 0000
> >in potem register dump pa tist Aiee, killing interrupt handler.
> >
> >To se nekajkrat ponovi, potem pa je ze tist reboot ki sem ga pravkar
> >izvedel. Po patchanju se oversized packet logera, samo nic se ne sesuje.
> >
> >Naj to dam na si-cert ?
> [snip]
> Hmm .. hja tole je sigurno napad z nestea.c ampak IPji, ki se logirajo s syslogom so vsi spoofani
> in ti ne bodo nic pomagali. Pa itak na si-certu ne bojo nic naredili dokler jim ne poves tocno
> kdaj,kako in predvsem kdo. Mogoce bi se dalo z ipfwadm nastimat, da bi se ti nespoofani IPji logiral.
> Potem pa takoj prijavi in tudi na si-certu bojo mogli takoj ukrepat.
> badbytes
> 
> --
> ************ I was an atheist until I realised I was GOD . ************
> -----------------------------------------------------------------------
> | Matej Pfajfar       Kent College-S.House | <badbytes na writeme.com>   |
> | Cankarjeva 18       Whitstable Road      | <badbytes na hotmail.com>   |
> | 4240 Radovljica OR  Blean, Canterbury    |+386 (0)64 715 529 @ home |
> | SLOVENIJA           KENT CT29DT , UK     |+44 (0)410 729 636 - GSM  |
> |---------------------------------------------------------------------|
> |PGP Key: http://www.geocities.com/SiliconValley/Peaks/4211/mykey.txt |
> -----------------------------------------------------------------------


Err, k smo glih pr temu logiranju... a mi lohk en pove, kje bi se dal
dobit neki dobrga kao ICPM detektor... DL sem si TcpDump, ampak sem se
ene 2 ure mucu, da bi ga spravu v red.. enostavno se noce compilat pod
nobenim pogojem...

pero.




Dodatne informacije o seznamu Starilist