Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 15 submissions in the queue.

Firewalls Snuffed by 'BlackNurse' Ping of Death Attack

posted by janrinok on Tuesday November 15 2016, @01:54AM   Printer-friendly
from the for-sale:-random-name-generator,-hardly-used dept.

Phoenix666 writes:

A code artefact in a number of popular firewalls means they can be crashed by a mere crafted ping.

The low-rate "Ping of death" attack, dubbed BlackNurse, affects firewalls from Cisco, SonicWall, Zyxel, and possibly Palo Alto.

Since we don't imagine Switchzilla has started giving away the version of IOS running in its ASA firewalls, Vulture South suspects it arises from a popular open source library. Which means other vulnerable devices could be out there.

Unlike the old-fashioned ping-flood, the attack in question uses ICMP "Type 3, Code 3" (destination unreachable, port unreachable) packets.

In the normal course of events, a host would receive that packet in response to a message it had initiated – but of course, it's trivial to craft that packet and send it to a target.

In devices susceptible to BlackNurse, the operating system gets indigestion trying to process even a relatively low rate of these messages – in the original report from Denmark's TF-CSIRT, gigabit-capable routers could be borked by just 18 Mbps of BlackNurse traffic on their WAN interfaces.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Firewalls Snuffed by 'BlackNurse' Ping of Death Attack | Log In/Create an Account | Top | 6 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by Snotnose on Wednesday November 16 2016, @03:49AM

    by Snotnose (1623) on Wednesday November 16 2016, @03:49AM (#427346)

    My bad, it was more like 15 years ago. The key should have been "before 802.11g', my startup's entire being was based on our protocol being established first.

    To be clear, I did not think of this myself. Probably heard about it on /., given the era and the websites I read at the time. But once I heard about it it was pretty easy to defend against it.

    My startup's chip sucked up too much power, they went bankrupt before they could do another chip spin, and their early investor (Samsung) bought them for pennies on the dollar.

    Ever see that commercial about taking your TV from the living room, to the bedroom, to the pool? That was my startup's technology. It worked, it just took too much power and the company ran out of money before they could fix that.

    Actually, being honest, that company was a rats nest. They had a habit of laying off people who were about to vest some stock options. That happened to the guy who got me the first interview there. That got one of the guys who interviewed me, he'd been there 3 years (one of the first employees), was one of the most knowledgeable folks I could talk to when I had a question. They used to have mandatory Friday 5 PM company meetings, where the inner sanctum would wander the crowd and note who was and was not there.

    Magis Networks, you sucked a huge bag of dicks and everyone who lost money in you I can only say HA HA.

    / Ahh, alcohol. Is there anything you can't do
    // name names, Magis was the worst place I ever worked
    /// Good people, great tech, seriously fucked up upper management
     

    --
    When the dust settled America realized it was saved by a porn star.
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3