Nmap Development mailing list archives

Re: Bad IP-checksums


From: Fyodor <fyodor () insecure org>
Date: Fri, 15 Aug 2008 13:07:38 -0700

On Fri, Aug 15, 2008 at 03:11:02PM +0200, Gisle Vanem wrote:

> After some digging, I found two places where 'ip->ip_sum'
> wasn't cleared before calculating the sum. I believe it was the omission
> in osscan2.cc that was causing me trouble. A patch against today's
> svn:

Did this actually fix the problem for you?  For osscan2.cc, it looks
at first glance like ip_sum should already be zero because of line
3064:

    memset((char *) packet, 0, sizeof(struct ip) + sizeof(struct udp_hdr));

Your tcpip.cc change looks like it only relates to fragmented packets.
I'm not sure if resetting ip_sum to 0 is needed there, but I'll
probably add it because it is easy and shouldn't hurt anything.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
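
The point under discussion, as an added example that is not part of the original message and is not Nmap code: the IPv4 header checksum is only correct if the checksum field is zero while the sum is taken, which a prior memset of the header also guarantees. The header bytes are a constructed sample, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 1071 one's-complement checksum over an even-length header. */
static uint16_t inet_checksum(const uint8_t *buf, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)buf[i] << 8) | buf[i + 1];
    while (sum >> 16)                       /* fold carries back in */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* The IPv4 checksum field lives at byte offsets 10 and 11. */
static void store_sum(uint8_t *hdr, uint16_t s)
{
    hdr[10] = (uint8_t)(s >> 8);
    hdr[11] = (uint8_t)(s & 0xff);
}

/* Correct order: clear the field, then sum, then store. */
uint16_t fill_sum_cleared(uint8_t *hdr, size_t hlen)
{
    store_sum(hdr, 0);
    uint16_t s = inet_checksum(hdr, hlen);
    store_sum(hdr, s);
    return s;
}

/* Omission: whatever was left in the field is added into the sum. */
uint16_t fill_sum_stale(uint8_t *hdr, size_t hlen)
{
    uint16_t s = inet_checksum(hdr, hlen);
    store_sum(hdr, s);
    return s;
}

/* Receiver-side check: summing the header with its checksum yields 0. */
int header_valid(const uint8_t *hdr, size_t hlen)
{
    return inet_checksum(hdr, hlen) == 0;
}

/* Constructed 20-byte header with a chosen leftover checksum value. */
void sample_header(uint8_t *hdr, uint16_t leftover)
{
    static const uint8_t base[20] = {
        0x45, 0x00, 0x00, 0x73, 0x00, 0x00, 0x40, 0x00, 0x40, 0x11,
        0x00, 0x00, 0xc0, 0xa8, 0x00, 0x01, 0xc0, 0xa8, 0x00, 0xc7 };
    memcpy(hdr, base, sizeof base);
    store_sum(hdr, leftover);
}
```

With a leftover value of zero, as after a memset of the whole header, both functions produce the same valid checksum, so the explicit clear only matters when the buffer is reused or copied from an existing packet.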

