| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6.1.2.0.0.20050721193634.02ba2a20@pop.informatik.uni-bremen.de> Date: Thu, 21 Jul 2005 19:36:41 +0200 From: Dennis Lubert <plasmahh@...ormatik.uni-bremen.de> To: bugtraq@...urityfocus.com Cc: Fernando Gont <fernando@....utn.edu.ar> Subject: Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)) At 00:09 20.07.2005, Fernando Gont wrote: >The IPv4 minimum MTU is 68, and not 576. If you blindly send packets >larger than 68 with the DF bit set, in the case there's an intermmediate >with an MTU lower that 576, the connection will stall. > >576 is the minimum reassembly buffer size. That is the minimum packet size >every *end-system* should be able to reassemble, and NOT the minimum >packet size that can get to destination without fragmentation. To be completely correct <quote RFC 791> Every internet module must be able to forward a datagram of 68 octets without further fragmentation. This is because an internet header my be up to 60 octets, and the minimum fragment is 8 octets. Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled. </quote> So 576 is the minimum packet size you can get to a destination without fragmentation Carpe quod tibi datum est
Powered by blists - more mailing lists