Setting an "evil bit" in the header

Forum Moderators: open

Message Too Old, No Replies

Setting an "evil bit" in the header

tedster

4:16 pm on Apr 2, 2003 (gmt 0)

I appreciated this April 1 memo about adding a security flag to identify malicious packets.

Firewalls [CBR03], packet filters, intrusion detection systems, and the like often have difficulty distinguishing between packets that have malicious intent and those that are merely unusual. The problem is that making such determinations is hard.
To solve this problem, we define a security flag, known as the "evil" bit, in the IPv4
[RFC791] header. Benign packets have this bit set to 0; those that are used for an attack will have the bit set to 1.
Full Memo [networksorcery.com]

Dreamquick

4:18 pm on Apr 2, 2003 (gmt 0)

:) beat you to the punch on this one I'm afraid! And on April 1st too :)

[webmasterworld.com...]

- tony

tedster

4:53 pm on Apr 2, 2003 (gmt 0)

So you did - sorry for the double post.

Now I feel obligated to give the people who stop into this thread something unique for their efforts --

Top 100 April Fools [museumofhoaxes.com]

I remember number 1 from my childhood - the BBC's documentary on growing and harvesting spaghetti.

Dreamquick

7:37 pm on Apr 2, 2003 (gmt 0)

As so you read ntbugtraq too :)

- Tony

TheDoctor

9:37 pm on Apr 2, 2003 (gmt 0)

Top 100 April Fools [museumofhoaxes.com]

My favourite bit in the San Serriffe hoax was a photograph of an idyllic island sea-shore with the caption:

"Beaches where terrorism has virtually been eliminated"