Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 10 Jul 2001 09:44:23 -0700
From:      "Crist Clark" <crist.clark@globalstar.com>
To:        Darren Reed <avalon@coombs.anu.edu.au>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: FW: Small TCP packets == very large overhead == DoS?
Message-ID:  <3B4B30E7.28607AEE@globalstar.com>
References:  <200107100938.TAA13064@caligula.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help 
Darren Reed wrote:
> 
> In some mail from Crist Clark, sie said:
> >
> > The TCP segment is everything in the IP payload. An SYN segment is a
> > TCP segment, but it carries no data and has a segment length of one (whee!).
> > I can see that clearly in the RFC, and I think we all cab agree on that.
> > However, I think that a SYN segment, which is all header, has a size greater
> > than one. It looks more like 24-or-so bytes typically... or maybe it does not.
> > I am looking for where (if anywhere) the specification comes out and says
> > that segment "size" is the same as "length." Why isn't the MSS called the MSL
> > after the RFC has gone to such pains to define "length?"
> 
> Why can't a SYN segment be a TCP segment of length 0 ?
> (with one phantom byte)

For it is written,

  segment length
            The amount of sequence number space occupied by a segment,
            including any controls which occupy sequence space.
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  SYN
            A control bit in the incoming segment, occupying one sequence
            ^^^^^^^^^^^^^                          ^^^^^^^^^^^^^^^^^^^^^^
            number, used at the initiation of a connection, to indicate
            ^^^^^^
            where the sequence numbering will start.

-- 
Crist J. Clark                                Network Security Engineer
crist.clark@globalstar.com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.  If
the reader of this e-mail is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited.  If you have received this
e-mail in error, please contact postmaster@globalstar.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B4B30E7.28607AEE>