lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200507210550.j6L5o3tR025736@caligula.anu.edu.au>
Date: Thu Jul 21 09:58:14 2005
From: avalon at caligula.anu.edu.au (Darren Reed)
Subject: Re: (ICMP attacks against TCP) (was Re:
	HPSBUX01137 SSRT5954

In some mail from Fernando Gont, sie said:
> 
> At 07:25 p.m. 20/07/2005, Darren Reed wrote:
> 
> >In some mail from Fernando Gont, sie said:
> > > The IPv4 minimum MTU is 68, and not 576. If you blindly send packets 
> > larger
> > > than 68 with the DF bit set, in the case there's an intermmediate with an
> > > MTU lower that 576, the connection will stall.
> >
> >And I think you can safely say that if you see any packets trying to
> >indicate that the MTU of a link is "68" then you should ignore it.
> 
> Yes. But what about 296?
> 
...
> >I think it is reasonable to say anyone trying to advertise an MTU less
> >than 576 has nefarious purposes in mind.
> 
> There are still some radio links with MTUs of 296 bytes.

Go search with google....people still actively use smaller MTUs.

What do you do?  Where do you draw the line in the sand?

Darren

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ