[e2e] ICMP & TCP segments with IP ID = 0?

Jerome Etienne jerome at zeroknowledge.com
Wed May 16 08:12:31 PDT 2001

On Wed, May 16, 2001 at 10:04:36AM -0400, Craig Partridge wrote:
> Hi folks:
> As a side discovery on a research project, we've tripped over a bunch of
> packets in the wild where the IP ID is set to 0.  Some are ICMP packets
> and some are TCP segments.

linux did it at some point, i dont know if it is still valid. 
> Before we set up a traffic filter to track down what brand of system is
> generating these evil beasts, I'm writing to see if anyone has already
> figured out what kind of system sends them.

what is so evil in setting the IPv4 id to 0, assuming the DF bit is set ?

More information about the end2end-interest mailing list