Re: teardrop and Linux as a router

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 24 Nov 1997 09:34:38 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: [2.1.65] New patch for serial port IRQ setup."
Previous message: Gabriel Paubert: "Re: [2.1.65] New patch for serial port IRQ setup."
Next in thread: linux kernel account: "Re: teardrop and Linux as a router"
Reply: linux kernel account: "Re: teardrop and Linux as a router"

> else if((ntohs(ip->tot_len)<8+(ip->ihl<<2))&&(ip->protocol==IPPROTO_TCP \
> || ip->protocol==IPPROTO_UDP))
> return FW_BLOCK;
> [...]
>
> methinks that blocking those "ugly" packets without any notification
> is a crime ;-) What about a simple patch ? (attached below)

Now allow me to send you millions of them filling your disk, driving your
load through the roof and generally becoming a denial of service issue.

Also such tcp packets are possible in a purely theoretical view of the RFC's

Next message: Alan Cox: "Re: [2.1.65] New patch for serial port IRQ setup."
Previous message: Gabriel Paubert: "Re: [2.1.65] New patch for serial port IRQ setup."
Next in thread: linux kernel account: "Re: teardrop and Linux as a router"
Reply: linux kernel account: "Re: teardrop and Linux as a router"