> UDP Bomb - By sending a UDP packet with incorrect information in the > header, some Sun-OS 4.1.3 Unix boxes will panic and then reboot. The problem was not limited to UDP. We had early production models of the Xerox Encryption Units (XEU), devices which would eat an Ethernet framed IP packet and encrypt only the Data portion of the Ethernet frame for secure transmission to another XEU. The early versions of this box left the Ethernet Length/Type field alone. When the XEU encrypted a broadcast packet, all machines on the wire would receive the Ethernet frame, look at the Length/Type field and hand the packet off to IP for further processing. Since all the Ethernet frame Data (i.e. the entire IP packet) was scrambled, attempting to process this as IP data was, umm.... interesting (really tested the packet handling and validation code). The Suns (running 4.1.1 or 4.1.3 at the time, I cannot remember which), paniced. After we showed Xerox the error of their ways :-) Xerox applied for and received an Ethernet Length/Type identifier for XEU encrypted Ethernet frames, and they modified their boxes to use it. The original Length/Type code was copied "inside" the data portion of the encrypted Ethernet frame and the XEU could either fragment Ethernet frames which became too long (already necessary due to the encryption process), or the source host MTU could be cranked down to prevent this. We tended to do the latter because the XEU (and all similar boxes, btw) are a real bottleneck and it was faster in the long run to send a few more slightly shorter IP packets than it was to process two encrypted Ethernet frames for each IP packet. Idly, Bob ------- U.S. Army Research Laboratory / Advanced Simulation and High Performance Computing Directorate / High Performance Computing Division / Computing Technologies Branch / Advanced Development Team / Aberdeen Proving Ground, MD 21005-5067 / ATTN: AMSRL-SC-CC (Reschly) // e-mail:reschly@ARL.MIL // Voice: (410)278-8612(VM) FAX: (410)278-5077 DSN:298- FTS:939- APG, MD ofc Voice: (703)812-8205 FAX: (703)812-9701 HPCMO Alexandria, VA ofc **** For a good time, call: (303)499-7111. Seriously! ****