Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954

From: Dana Hudes (dhudes_at_hudes.org)
Date: 07/22/05

  • Next message: Jared Johnson: "RE: Peter Gutmann data deletion theaory?" 
    Date: Thu, 21 Jul 2005 20:26:38 -0400 (EDT)
To: Darren Reed <avalon@caligula.anu.edu.au>

    you will find a range of MTU sizes in radio links of various sorts which
    is not just 802.11 but also cellular including GPRS CDMA and WCDMA.
    Now, in many instances there is a proxy between the mobile station and the
    public network. In fact I wrote a powerpoint presentation summarizing such
    a paper on transparent TCP proxy in WCDMA and its on my site
    http://www.networkengineer.biz (I took a course in wireless
    architecture).

    On Thu, 21 Jul 2005, Darren Reed wrote:

    > In some mail from Fernando Gont, sie said:
    > >
    > > At 07:25 p.m. 20/07/2005, Darren Reed wrote:
    > >
    > > >In some mail from Fernando Gont, sie said:
    > > > > The IPv4 minimum MTU is 68, and not 576. If you blindly send packets
    > > > larger
    > > > > than 68 with the DF bit set, in the case there's an intermmediate with an
    > > > > MTU lower that 576, the connection will stall.
    > > >
    > > >And I think you can safely say that if you see any packets trying to
    > > >indicate that the MTU of a link is "68" then you should ignore it.
    > >
    > > Yes. But what about 296?
    > >
    > ...
    > > >I think it is reasonable to say anyone trying to advertise an MTU less
    > > >than 576 has nefarious purposes in mind.
    > >
    > > There are still some radio links with MTUs of 296 bytes.
    >
    > Go search with google....people still actively use smaller MTUs.
    >
    > What do you do? Where do you draw the line in the sand?
    >
    > Darren
    >

  • Next message: Jared Johnson: "RE: Peter Gutmann data deletion theaory?"

    Relevant Pages
    • Quantcast