Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS))
From: Dennis Lubert <plasmahh () informatik uni-bremen de>
Date: Thu, 21 Jul 2005 19:36:41 +0200

At 00:09 20.07.2005, Fernando Gont wrote:

The IPv4 minimum MTU is 68, and not 576. If you blindly send packets larger than 68 with the DF bit set, in the case there's an intermmediate with an MTU lower that 576, the connection will stall.

576 is the minimum reassembly buffer size. That is the minimum packet size every *end-system* should be able to reassemble, and NOT the minimum packet size that can get to destination without fragmentation.

To be completely correct
<quote RFC 791>
Every internet module must be able to forward a datagram of 68 octets without further fragmentation. This is because an internet header my be up to 60 octets, and the minimum fragment is 8 octets. Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled.
</quote>

So 576 is the minimum packet size you can get to a destination without fragmentation


Carpe quod tibi datum est

  By Date           By Thread  

Current thread:
  • Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)) Dennis Lubert (Jul 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]