Bugtraq mailing list archives
Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954
From: Dana Hudes <dhudes () hudes org>
Date: Thu, 21 Jul 2005 20:26:38 -0400 (EDT)
you will find a range of MTU sizes in radio links of various sorts which is not just 802.11 but also cellular including GPRS CDMA and WCDMA. Now, in many instances there is a proxy between the mobile station and the public network. In fact I wrote a powerpoint presentation summarizing such a paper on transparent TCP proxy in WCDMA and its on my site http://www.networkengineer.biz (I took a course in wireless architecture). On Thu, 21 Jul 2005, Darren Reed wrote:
In some mail from Fernando Gont, sie said:At 07:25 p.m. 20/07/2005, Darren Reed wrote:In some mail from Fernando Gont, sie said:The IPv4 minimum MTU is 68, and not 576. If you blindly send packetslargerthan 68 with the DF bit set, in the case there's an intermmediate with an MTU lower that 576, the connection will stall.And I think you can safely say that if you see any packets trying to indicate that the MTU of a link is "68" then you should ignore it.Yes. But what about 296?...I think it is reasonable to say anyone trying to advertise an MTU less than 576 has nefarious purposes in mind.There are still some radio links with MTUs of 296 bytes.Go search with google....people still actively use smaller MTUs. What do you do? Where do you draw the line in the sand? Darren
Current thread:
- HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS) Security Alert (Jul 19)
- (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)) Fernando Gont (Jul 20)
- Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 Darren Reed (Jul 21)
- Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 Fernando Gont (Jul 21)
- Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 Darren Reed (Jul 21)
- Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 Casper . Dik (Jul 21)
- Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 Dana Hudes (Jul 22)
- Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 Darren Reed (Jul 22)
- Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 Darren Reed (Jul 21)
- (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)) Fernando Gont (Jul 20)