David R Boldt wrote: > >> I'm a bit puzzled. Quoting Wikipedia "A Teardrop attack involves >> sending mangled IP fragments with overlapping, over-sized payloads to >> the target machine." The goal is to trip bugs in the operating system's >> IP fragment re-assembly code that can cause the machine to crash. >> >> The vulnerable Windows versions are Windows 3.1, Windows 95, and NT4, >> and Linux kernels older than 2.0.32 and 2.1.63. >> >> Is the client machine configured to send jumbograms? > > Trying to collect that information now, waiting on user response. > 90% of our users are on Windows XP, 5% Mac. > This particular user would be unlikely to > customize settings.
Then jumbograms would be off. >> Is there some other reason that packets are being fragmented? > > Don't know yet if this could be a factor but the user was > connecting through a Juniper VPN. Will dig deeper. IPSec VPNs often results in packet fragmentation unless the RxMaxMTU is artificially restricted to a value less than 1272. Jeffrey Altman _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
