Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IP hack theorizing

On Tue, 10 Oct 2006 00:53:58 -0400
David Kramer <david at> wrote:

> The IP envelope contains the total length of the datagram.  What would
> happen if that number were larger or smaller than the real length?
> Could that be used to include information from another packet in the
> current one, or to make the network layer toss its cookies?
If I recall, this was one of the attacks. However, since packets travel
through a myriad of routers, the hack would have to be done close to
the destination to affect the local system. I think the network layer
in most implementations has been purged of buffer overflow issues. Most
likely, the affected packet would simply be discarded, in UDP, a loss
of data, and in TCP causing either a retransmission of the packet or a
rejection of the entire message. Additionally, packets cannot be larger
than the MTU. 

Jerry Feldman <gaf at>
Boston Linux and Unix user group PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /