Firewall Wizards mailing list archives
An ethernet frame with two IP packets inside?
From: Keller <keller () wiesbaden netsurf de>
Date: Sat, 24 Oct 1998 01:51:39 +0200
Hi gurus and beardy wizards, what happens if one ethernet frame contains two IP packets? I know, it *shouldn't* happen, but I could construct one, right? How will different tcpip stacks deal with the second IP packet? Could it slip through the filtering rules on some routers? Could it slip past static pattern matching firewalls (FW-1?) ? Any ideas or pointers are greatly appreciated.. Cheers! Stefan Keller p.s.: I'm aware that it would imply that the attacker sits directly in front of the router/firewall server/whatever.. Then again, he could sit on a (compromised) Linux web server with .. let's say SPAK.. downloaded to that machine.
Current thread:
- multiple servers with 1 internet connection and fw g (Oct 23)
- Re: multiple servers with 1 internet connection and fw Bennett Todd (Oct 27)
- An ethernet frame with two IP packets inside? Keller (Oct 28)
- Re: An ethernet frame with two IP packets inside? Darren Reed (Oct 29)
- Re: An ethernet frame with two IP packets inside? cbrenton (Oct 29)
- Re: An ethernet frame with two IP packets inside? Smoot Carl-Mitchell (Oct 29)
- Re: An ethernet frame with two IP packets inside? Gigi Sullivan (Oct 29)
- Re: An ethernet frame with two IP packets inside? Perry E. Metzger (Oct 29)