| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Jul 2005 15:50:03 +1000 (Australia/ACT) From: Darren Reed <avalon@...igula.anu.edu.au> To: fernando@....utn.edu.ar (Fernando Gont) Cc: full-disclosure@...ts.grok.org.uk, Security Alert <secure@...hs.cup.hp.com>, bugtraq@...urityfocus.com, Darren Reed <avalon@...igula.anu.edu.au> Subject: Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 In some mail from Fernando Gont, sie said: > > At 07:25 p.m. 20/07/2005, Darren Reed wrote: > > >In some mail from Fernando Gont, sie said: > > > The IPv4 minimum MTU is 68, and not 576. If you blindly send packets > > larger > > > than 68 with the DF bit set, in the case there's an intermmediate with an > > > MTU lower that 576, the connection will stall. > > > >And I think you can safely say that if you see any packets trying to > >indicate that the MTU of a link is "68" then you should ignore it. > > Yes. But what about 296? > ... > >I think it is reasonable to say anyone trying to advertise an MTU less > >than 576 has nefarious purposes in mind. > > There are still some radio links with MTUs of 296 bytes. Go search with google....people still actively use smaller MTUs. What do you do? Where do you draw the line in the sand? Darren _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists