476.htm

unix高级编程原吗

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center">               ● UNIX网络编程                       (BM: clown)                </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p   align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="12.htm">上一层</a>][<a href="477.htm">下一篇</a>]
<hr><p align="left"><small>发信人: cloudsky (晓舟·轩辕明月), 信区: Security <br>
标  题: 关于攻击的讨论(1) <br>
发信站: 武汉白云黄鹤站 (Sat Jan 30 20:39:39 1999) , 站内信件 <br>
  <br>
This oshare.c code may have crashed our Checkpoint Firewall-1, version 3.0b, <br>
Build Number: 3083. (Sun Sparc, Solaris 2.5.1) <br>
  <br>
After running it I lost internet connectivity and saw <br>
the following on the console of our firewall server: <br>
  <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
FW-1: packet size too big (131060) from 0x01010101, ip_p=17 <br>
  <br>
The machine could not be soft booted and need to be hard booted <br>

(power cycled) <br>
  <br>
I will not (or cannot) try and duplicate this, since I can't afford <br>
to crash our firewall again :) <br>
  <br>
To give a brief network sketch: <br>
  <br>
Linux Box (running oshare) -> Router -- Frame Relay -> Router <br>
 -> Firewall-1 machine -> Dest Win98 box <br>
  <br>
I cannot confirm that this program crashed our firewall, but I would say <br>
it's a safe bet. <br>
  <br>
I'm no C programmer, but I think this part here is the guilty part: <br>
(Line 65 or so) <br>
  <br>
        ip->frag_off    = htons( 16383 ); <br>
        ip->ttl         = 0xff; <br>
        ip->protocol    = IPPROTO_UDP; <br>
        ip->saddr       = htonl( inet_addr( "1.1.1.1" ) ); <br>
        ip->daddr       = dst_addr; <br>
        ip->check       = in_cksum( ( u_short *)ip, 44 ); <br>

  <br>
-- <br>
            我问飘逝的风：来迟了？ <br>
            风感慨：是的，他们已经宣战。 <br>
            我问苏醒的大地：还有希望么？ <br>
            大地揉了揉眼睛：还有，还有无数代的少年。 <br>
            我问长空中的英魂：你们相信？ <br>
            英魂带着笑意离去：相信，希望还在。 <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="12.htm">上一层</a>][<a href="477.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>