Bugtraq mailing list archives
Re: Analysis of jolt2.c (MS00-029)
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Sat, 27 May 2000 09:51:45 +1000
In some mail from Mikael Olsson, sie said: [...]
2. Microsoft doesn't verify the checksum prior to storing it. Microsoft doesn't verify the structural integrity (the packet is truncated!)
[...] I think it has been mentioned before that the MS TCP/IP code is implemented in such a way that each of TCP, UDP, ICMP (and any further protocol, such as IGMP?) have to do all their own sanity checking of fragments, checksums, etc. I can only think that they believe there is some performance benefit to be gained here. Darren
Current thread:
- Analysis of jolt2.c (MS00-029) Mikael Olsson (May 26)
- Re: Analysis of jolt2.c (MS00-029) Darren Reed (May 26)