Subject: Re: Ethernet frame padding bug - CERT VU #412115 (xs4)
To: Rogier Krieger <>
From: Quentin Garnier <>
List: tech-security
Date: 01/13/2003 16:25:05
Le Mon, 13 Jan 2003 16:17:44 +0100
Rogier Krieger a écrit :
> It seems like a false alarm for NetBSD. It just can't hurt to check
> up on it - I may have missed something, although a packet of 60 bytes
> long should be enough testing material.

It's been discussed a bit around here, but anyway, you didn't test
anything because your IP packets (and therefore your Ethernet frames) are
too long.

That's the point : how are padded Ethernet frames that contain short
packets ? The shorter IP packet you send, the more pad you can see. With
an IP packet too long, you see no pad at all since you go over the minimum
size of an Ethernet frame.

Quentin Garnier -
"Feels like I'm fiddling while Rome is burning down.
Should I lay my fiddle down and take a rifle from the ground ?"
Leigh Nash/Sixpence None The Richer, Paralyzed, Divine Discontents, 2002.