A code artefact in a number of popular firewalls means they can be crashed by a mere crafted ping.
The low-rate "Ping of death" attack, dubbed BlackNurse, affects firewalls from Cisco, SonicWall, Zyxel, and possibly Palo Alto.
Since we don't imagine Switchzilla has started giving away the version of IOS running in its ASA firewalls, Vulture South suspects it arises from a popular open source library. Which means other vulnerable devices could be out there.
Unlike the old-fashioned ping-flood, the attack in question uses ICMP "Type 3, Code 3" (destination unreachable, port unreachable) packets.
In the normal course of events, a host would receive that packet in response to a message it had initiated – but of course, it's trivial to craft that packet and send it to a target.
In devices susceptible to BlackNurse, the operating system gets indigestion trying to process even a relatively low rate of these messages – in the original report from Denmark's TF-CSIRT, gigabit-capable routers could be borked by just 18 Mbps of BlackNurse traffic on their WAN interfaces.
(Score: 3, Interesting) by Snotnose on Wednesday November 16 2016, @03:49AM
My bad, it was more like 15 years ago. The key should have been "before 802.11g', my startup's entire being was based on our protocol being established first.
To be clear, I did not think of this myself. Probably heard about it on /., given the era and the websites I read at the time. But once I heard about it it was pretty easy to defend against it.
My startup's chip sucked up too much power, they went bankrupt before they could do another chip spin, and their early investor (Samsung) bought them for pennies on the dollar.
Ever see that commercial about taking your TV from the living room, to the bedroom, to the pool? That was my startup's technology. It worked, it just took too much power and the company ran out of money before they could fix that.
Actually, being honest, that company was a rats nest. They had a habit of laying off people who were about to vest some stock options. That happened to the guy who got me the first interview there. That got one of the guys who interviewed me, he'd been there 3 years (one of the first employees), was one of the most knowledgeable folks I could talk to when I had a question. They used to have mandatory Friday 5 PM company meetings, where the inner sanctum would wander the crowd and note who was and was not there.
Magis Networks, you sucked a huge bag of dicks and everyone who lost money in you I can only say HA HA.
/ Ahh, alcohol. Is there anything you can't do
// name names, Magis was the worst place I ever worked
/// Good people, great tech, seriously fucked up upper management
Bad decisions, great stories