lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <6.2.0.14.0.20050722000220.02030020@pop.frh.utn.edu.ar> Date: Fri Jul 22 04:51:44 2005 From: fernando at frh.utn.edu.ar (Fernando Gont) Subject: Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 At 02:17 p.m. 21/07/2005, Casper.Dik@....COM wrote: > >> There are still some radio links with MTUs of 296 bytes. > > > >Go search with google....people still actively use smaller MTUs. > > > >What do you do? Where do you draw the line in the sand? > >Well, the minimum requirement for "you must be able to reassemble this" >is 576; so you use PMTU until you go as low as 576 at which point you >stop using the DF bit I assume you are not proposing this as the solution to the problem. If you do, I'd just spoof an ICMP "fragmentation needed and DF bit set" that advertises an MTU lower than 576. And then would attack you with IP fragments. Kindest regards, -- Fernando Gont e-mail: fernando@...t.com.ar || fgont@....org
Powered by blists - more mailing lists