> On a side note, when I was testing this vulnerability, I tried > varying the size of the ICMP packet. Strangely enough, I got no response > if the packet was of size 1469 bytes, or 1471 bytes. There must be > something special about 1470 byte ICMP packets. Anyone have any ideas? > Something about fragmentation maybe? Maybe just on the cusp where it expects another packet with the continuation and doesn't get it, or gets the continuation but doesn't expect it? Tuc/TBOH
