The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"teardrop" attacks

I've heard that machines at MIT are under attack using the "teardrop"
exploit, which generates IP fragments with offset>len, and causes
linux boxes to crash.  The teardrop program takes source IP address as
an argument, so they don't have much info as to the source of the
attacks.  Patches have been posted that fix it.  The exploit itself as
been posted to BugTraq [possibly with a typo that results in a comment
ending in *\n/ so that a bunch of the code is commented out - read it
carefully] -- and note that while it crashes Linux and Windows/NT
boxes [but not NetBSD], be careful what machine you run the program
*from* as it is known to crash Digital Unix (formerly known as AXP
OSF/1) just by *sending* the packet.

Anyway, this is to advise that we should probably put one of these
patches into bo-updates kernel sources and kernel-image; if we plan to
put out a Pentium "foof-proof" kernel, that would be a good time to
fix this as well.


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .