Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IP hack theorizing

Tom Metro wrote:
> Jerry Feldman wrote:
>> David Kramer <david at> wrote:
>>> The IP envelope contains the total length of the datagram.  What would
>>> happen if that number were larger or smaller than the real length?
>> I think the network layer in most implementations has been purged of
>> buffer overflow issues. Most likely, the affected packet would simply
>> be discarded...
> Or corrected. I believe modern software firewalls, like iptables,
> perform a number of sanity checks on packets before they hit the kernel.
> For example, here's a recent log entry triggered by iptables when it
> didn't like the window size specified in a packet:
>  ... TCP: Treason uncloaked! Peer shrinks window
> 1150916075:1150916611. Repaired.

Spectacularly cool!  Thanks.

BTW, I'm in the process of asking whether I can publish the paper here.
 There's nothing earth-shattering that real sysadmins don't already
know, but it might be useful for the home users.

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /