Kitz Forum
Internet => General Internet => Topic started by: Weaver on March 03, 2020, 12:13:31 PM
-
Say someone sends me an IPv4 TCP packet and it is less than 40 bytes long, or any IPv4 packet that is less than 20 bytes long (do I have the minimum lengths correct?), then what does that do to operating system <x>? Are there still bugs in operating systems relating to checking for this and other similar evils?
I ask because I was reading about a switch that offers checking for such things and I wondered if there is still any need for such external checks. Of course a stateful firewall provides a guard against evildoers anyway unless they are already inside your LAN that is.
-
You are correct about the minimum packet sizes. Shorter packets might be caused by transmission errors or malicious construction. Both of those should be caught by the link layer. I hesitate to say that all current OSs are bug free but it would surprise me if there were handling errors in network drivers. Many years ago I found a bug in IBM's IP handling which had been causing NFS errors. That was an exception which proves the rule.
A switch allows you to offload processing onto separate hardware. Any lift will depend on how many dodgy packets need to be dealt with.
-
Discarded as junk. Error counter will increment as packet/frame is considered corrupted.
-
NB switch won't care, or shouldn't as it should be inspecting Ethernet headers only, router will discard.