Date: Sun, 8 Jul 2001 19:15:59 -0700 From: Dragos Ruiu <dr@kyx.net> To: Mike Silbersack <silby@silby.com>, <cjclark@alum.mit.edu> Cc: Darren Reed <avalon@coombs.anu.edu.au>, Yonatan Bokovza <Yonatan@xpert.com>, "'freebsd-security@freebsd.org'" <freebsd-security@FreeBSD.ORG> Subject: Re: FW: Small TCP packets == very large overhead == DoS? Message-ID: <0107081922111G.08020@smp.kyx.net> In-Reply-To: <20010708200041.A26132-100000@achilles.silby.com> References: <20010708200041.A26132-100000@achilles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Am I understanding this correctly? You intend to muck with the RFC value and create another variant in behaviour to tweak for and to worry about, to account for the possibility of clients that have lame packet overhead behaviour? just curious, --dr On Sun, 08 Jul 2001, Mike Silbersack wrote: > On Sun, 8 Jul 2001, Crist J. Clark wrote: > > > On Mon, Jul 09, 2001 at 08:24:28AM +1000, Darren Reed wrote: > > > In some mail from Crist J. Clark, sie said: > > > > > What's most surprising is that there does not appear to be a documented > > > > > minimum, just as there is no "minimum MTU" size for IP. If there is, > > > > > please correct me. > > > > > > > > The absolute minimum MTU for IP is 68 (RFC791). > > > > > > Yeah, enough for 64bytes of header options and 8 bytes of fragmented > > > data. Not what I'd call a "useful" minimum. > > > > How about the 576 byte (IIRC) value? It's not really a network MTU, > > but all host must be able to handle datagrams of that size. > > Looking at Darren's table, it seems like we could split the difference > between breaking things and allowing this to be abused. 256 sounds like a > good number. Perhaps we should just make that the new minimum and not > worry any further. > > Mike "Silby" Silbersack > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Dragos Ruiu <dr@dursec.com> dursec.com ltd. / kyx.net - we're from the future gpg/pgp key on file at wwwkeys.pgp.net or at http://dursec.com/drkey.asc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0107081922111G.08020>