Complaints about vulnerability to Ping of Death attacks over the past month have prompted Microsoft Corp. and a handful of other vendors to release patches to their products.
The Ping of Death, discovered in early October, is a denial-of-service attack that crashes network servers or firmware by overloading them with illegally large ping packets.Over the past few weeks, Microsoft, Bay Networks Inc., Galacticomm Inc., Storage Technology Corp. and the Linux community have been among those issuing patches.
Microsoft developed and plans to post a new version of its ping.exe file that will not allow users to send illegally large ping packets. Bay issued patches for its routers. Galacticomm released patches for the TCP/IP kernel in Versions 1 and 2 of its Worldgroup BBS software. And the community of developers that supports and updates the Linux freeware operating system has also posted patches.
Storage Technology Corp.'s Network Systems Group released a Net Sentry security module that blocks packets with inappropriately large amounts of data.
Further information about the Ping of Death and available patches can be found at http://www.sophist.demon.co.uk/ping/.