| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1423758118.4942.14.camel@edumazet-glaptop2.roam.corp.google.com> Date: Thu, 12 Feb 2015 08:21:58 -0800 From: Eric Dumazet <eric.dumazet@...il.com> To: Tom Marshall <tom@...gn.com> Cc: netdev@...r.kernel.org Subject: Re: [PATCH] net: ip: Do not allow connection to remote port zero On Wed, 2015-02-11 at 21:24 -0800, Tom Marshall wrote: > On Wed, Feb 11, 2015 at 08:06:14PM -0800, Eric Dumazet wrote: > > On Wed, 2015-02-11 at 16:58 -0800, Tom Marshall wrote: > > > Port zero is reserved according to IANA. > > > > > > Note UDP sendto is already disallowed if dport is zero. > > > > I have no idea why we should prevent such thing. > > * It is marked "reserved" by IANA. > > * UDP packets with dport=0 are already prevented from being sent. > > * Many routers will either drop the packets or, worse, send back a RST to a > SYN destined for port 0. Some networking/supervision applications might use this knowledge to send TCP probes with dport=0, expecting to get an RST, knowing no listener could possibly answer with a SYNACK. If you take a look at traceroute -p TCP, you'll be shocked that it sends malformed TCP packets. IANA never complained about this, so far. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists