Hello to the list and RA guard evasion technique

Fernando Gont fernando at gont.com.ar
Wed Jun 1 06:26:54 CEST 2011


On 05/29/2011 08:58 AM, Steinar H. Gunderson wrote:
> Den 29. mai 2011 13:53 skrev Eric Vyncke (evyncke) <evyncke at cisco.com> følgende:
>> But, you obviously have found a work-around around the work-around: overlapping fragments. Especially if hosts accept it... (which is weird BTW but what can we do?).
> 
> An open question is whether one should treat this as a bug in the end
> systems. Shouldn't packets with overlapping fragments just be treated
> as malformed and dropped? Or would checking for this have a
> significant performance cost?

As far as the current specs are concerned, overlapping fragments are not
allowed, and hosts received them should discard them.

Thanks,
-- 
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1






More information about the ipv6-ops mailing list