Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IP hack theorizing

Jerry Feldman wrote:
> David Kramer <david at> wrote:
>> The IP envelope contains the total length of the datagram.  What would
>> happen if that number were larger or smaller than the real length?
> I think the network layer in most implementations has been purged of
> buffer overflow issues. Most likely, the affected packet would simply
> be discarded...

Or corrected. I believe modern software firewalls, like iptables, 
perform a number of sanity checks on packets before they hit the kernel. 
For example, here's a recent log entry triggered by iptables when it 
didn't like the window size specified in a packet:

  ... TCP: Treason uncloaked! Peer shrinks 
window 1150916075:1150916611. Repaired.


Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile:

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /