In some email I received from Robert Graham, sie wrote:
>
> --- Joe Ippolito <joe_at_joesnet.com> wrote:
> > I know that MS has addressed problems like "ping of death" to NT with
> > previous service packs; See
> > http://support.microsoft.com/support/kb/articles/Q132/4/70.asp for a really
> > old one. Does anyone out there know whether NT 4 SP5 (without MS Proxy's
> > packet filter) is still vulnerable to such attacks? Just curious.
>
> The IGMP fragmentation attack is post-SP5 and affected Win98 and Win2k. I've
> heard rumours that it also affected WinNT.
Doesn't the fact that the various Microsoft products all seem to have
problems with fragmentation ring any bells in people's heads about *bad*
IP implementation ? Seems to me like they push the defragmentation *up*
a layer (probably for some perceived speed advantage) and in doing so
have created the `same' problem in each of your TCP, UDP, ICMP, IGMP, etc,
rather than just once in IP.
Darren
Received on Sep 10 1999
Intro
