Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » linksys router problems using malformed icmp packets

linksys router problems using malformed icmp packets

by Nikola Strahija on October 8th, 2001 When E.C.S.S. was conducting experiments we found that the linksys router could cause a denial of service when the user had the DMZ option set. because of the fact the router will send packets to a internal host as well as the external host allowing relaying (icmp that is) you could effectivly turn off the router with very little work. all it takes is 4 packets at the most to turn it off.


when we conducted the experament we used a windows 2000 service pack 2 on a dialup connection. the remote computers were on cable and higher. software used was as follows:


packet crafter beta 2





the code we used is as follows:





icmp connect()


thing


icmp _host_unreachable


(then three enters)





packet length was 53 bytes we had the bit to set as NO Frag Allowed


flags that were set were syn and ack


randomize was on. local port was 135 and remote port was 8





we effectively turned off the router with %100 of the time working





no fixes are available


linksys has been notified



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »