[e2e] ICMP & TCP segments with IP ID = 0?
Jerome Etienne
jerome at zeroknowledge.com
Wed May 16 08:12:31 PDT 2001
On Wed, May 16, 2001 at 10:04:36AM -0400, Craig Partridge wrote:
>
> Hi folks:
>
> As a side discovery on a research project, we've tripped over a bunch of
> packets in the wild where the IP ID is set to 0. Some are ICMP packets
> and some are TCP segments.
linux did it at some point, i dont know if it is still valid.
> Before we set up a traffic filter to track down what brand of system is
> generating these evil beasts, I'm writing to see if anyone has already
> figured out what kind of system sends them.
what is so evil in setting the IPv4 id to 0, assuming the DF bit is set ?
More information about the end2end-interest
mailing list