

Larry and the “Ping of Death” (2007) - yuhong
http://blogs.msdn.com/b/larryosterman/archive/2007/10/16/larry-and-the-ping-of-death.aspx

======
jes
I disagree with Larry when he refers to that situation as a "moment of utter
stupidity." People are not omniscient. I think it was classy, however, to
apologize for the problem.

~~~
kevan
Agreed. Everyone makes mistakes, owning up to them shows maturity. Sidenote:
I'd much rather find out about something like this before release than have
someone exploit it in the wild and force a patch.

------
cek
Before "Ping of Death" there was "Beeping Death" at Microsoft and Larry was
involved well.

[http://blogs.msdn.com/b/larryosterman/archive/2005/11/09/490...](http://blogs.msdn.com/b/larryosterman/archive/2005/11/09/490869.aspx)

And then there was the time Todd Laney took the entire corporate network down
by streaming songs using multi-cast UDP...

------
cafard
Back in the 1990s, CACM carried an analysis of UNIX programs' robustness
against malformed inputs. The authors were motivated to do the study after
noise on a modem connection had crashed jobs they were running. Their
conclusion was that the robustness wasn't what it should be. I think that
DEC's variant tested best of all.

~~~
antientropic
A later, expanded version of the study found the GNU utilities to be the most
robust: ftp://ftp.cs.wisc.edu/paradyn/technical_papers/fuzz-revisited.pdf

------
yuhong
Even later, it was trivial to crash NT4 DNS server:

[http://support.microsoft.com/kb/162927](http://support.microsoft.com/kb/162927)

[http://support.microsoft.com/kb/169461](http://support.microsoft.com/kb/169461)

------
yuhong
Do anyone remember which kind of bug this was?

~~~
gvb
Sending a packet that exceeded the 65535 byte maximum packet size (via
fragmentation and reassembly). This would cause a reassembly buffer overflow.

[http://en.wikipedia.org/wiki/Ping_of_death](http://en.wikipedia.org/wiki/Ping_of_death)

~~~
yuhong
I am talking about the exact bug talked about in the article I linked.

~~~
bcbrown
Given that it exposed a bug in a driver Larry wrote, years before the OS was
released, likely only Larry knows what the bug was.

