nanog mailing list archives
Re: [NANOG] Microsoft.com PMTUD black hole?
From: Bjørn Mork <bjorn () mork no>
Date: Thu, 08 May 2008 09:00:19 +0200
Iljitsch van Beijnum <iljitsch () muada com> writes:
Now Microsoft is also the company that built the OS that could be crashed by a maliciously crafted fragmented IP packet, so maybe there's something to this security policy. (One hopes that this bug and others like it are now fixed.)
Although the fact that Microsoft block all icmp makes me wonder which unfixed icmp related security holes they know about... I am not saying that there are any such holes in current Windows versions, but I will certainly not use a Windows server in an environment where I could receive icmp after learning that Microsoft themselves don't trust Windows' icmp handling. After all, Microsoft must have a reason to block all icmp. Or?
However, in that case the only workable course of action would be TO DISABLE PATH MTU DISCOVERY! You can't have your cake and eat it too.
But maybe the death of icmp is worth some sort of ceremony? Cake or not. Bjørn _______________________________________________ NANOG mailing list NANOG () nanog org http://mailman.nanog.org/mailman/listinfo/nanog
Current thread:
- Re: [NANOG] Microsoft.com PMTUD black hole?, (continued)
- Re: [NANOG] Microsoft.com PMTUD black hole? Tomas L. Byrnes (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Nathan Anderson/FSR (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Iljitsch van Beijnum (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Nathan Anderson/FSR (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Tomas L. Byrnes (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Iljitsch van Beijnum (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Tomas L. Byrnes (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Nathan Anderson/FSR (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Tomas L. Byrnes (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Nathan Anderson/FSR (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Bjørn Mork (May 08)
- Re: [NANOG] Microsoft.com PMTUD black hole? Joel Jaeggli (May 08)
- Re: [NANOG] Microsoft.com PMTUD black hole? Iljitsch van Beijnum (May 08)
- Re: [NANOG] [OPSEC] Microsoft.com PMTUD black hole? Smith, Donald (May 08)
- Re: [NANOG] Microsoft.com PMTUD black hole? Hank Nussbacher (May 08)
- Re: [NANOG] Microsoft.com PMTUD black hole? Deepak Jain (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? SML (May 07)
- Re: [NANOG] Microsoft.com PMTUD black hole? Tony Finch (May 08)
- Re: [NANOG] Microsoft.com PMTUD black hole? Blaine Christian (May 08)
- [NANOG] msnalerts () microsoft com invalid now (Was Re: Microsoft.com PMTUD black hole?) Mark Smith (May 16)
- [NANOG] msnalert () microsoft com valid (was Re: msnalerts () microsoft com invalid now) Mark Smith (May 16)