Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Idiotic question
From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Tue, 29 Feb 2000 17:09:45 -0600

Hi,

This just means you got hit with an icmp packet that too big to pass
through your gateway but it had the 'Dont Fragment' flag set.  Probably
a DoS or MTU discovery tool.

-HD

Joe User wrote:


Howdy!

As I was watching the logs tonight, I wound up with this entry in there:

Feb 25 21:23:35 localhost icmplog[246]: 139.175.17.1: fragmentation needed
(IP_DF set)
Feb 25 21:23:37 localhost icmplog[246]: 139.175.17.1: fragmentation needed
(IP_DF set)

It seems vaguely familiar, but I sure can't recall what it is. It reminds
me of some of the older Jolt attempts, but I can't remember for the life
of me. Any help would be appreciated. Thanks!

Atralakh Information Archives: ftp://atralakh.darktech.org
Atralakh Haven: telnet://atralakh.darktech.org:2300
About Atralakh: gopher://atralakh.darktech.org
My home page: http://home.centurytel.net/kronovohr/
E-mail: kronovohr<at>centurytel<dot>net

        push ax,dx
         xor dx,dx
         pop ax
        push computer,out_window
          db 09 FF F8 F7 2E 0H SH 1T !!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]