[reducing CC creep] On Friday, January 4, 2002, at 03:46 PM, Leo Bicknell wrote:
> In a message written on Fri, Jan 04, 2002 at 03:35:35PM -0800, Terry > Lambert wrote: >> Of course, now you've let the dirty little secret out of the >> bag: the MTU is on the *route*, which means on the next hop, >> so a spoof that got through would frag basically all traffic >> out of the victim machine down to 296 bytes... > > I might be assuming something here, but I want to clarify. It is > _NOT_ the case that a box with say, only a default route, would > limit _ALL_ TCP connections to the lowest returned MTU. > > The MTU is on the *route*, where *route* == the cloned route, > correct? That is certainly the way that the relevant code looks to me. FWIW, this is really a rehash of the same topic that came up on Bugtraq a couple years ago, and was cross-posted into freebsd-security at one point. I'm not sure if anything came of it then. -- Andy Carrel - [EMAIL PROTECTED] - +1 (425) 201-8745 Seņor Systems Eng. - Corporate Infrastructure Applications - InfoSpace To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message