LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   What happens when a machine receive unwanted packets? (https://www.linuxquestions.org/questions/linux-networking-3/what-happens-when-a-machine-receive-unwanted-packets-793531/)

Ashkan_s 03-05-2010 10:14 PM
What happens when a machine receive unwanted packets?
 
Hi

Assume this:

Machine A sends a packet to machine B, no application in machine B
is waiting for the packet, Now:

What happens in kernel?
what happens to this packet exactly?

Could you please explain me step by step? Or introduce me some books, web pages and ...?

Thanks

Simon Bridge 03-06-2010 01:29 AM
If there is nothing at all to use or respond to the packet, it is ignored.
What is the context here?

Ashkan_s 03-06-2010 01:43 AM
I want to know what parts of kernel are involving in managing the packet, and specially on receiving an unwanted packet. If I receive such a packet, Is it possible any dangerous event occurs to my PC?

Simon Bridge 03-06-2010 10:41 AM
You use firewalls to manage packets - read about iptables. All the kernel does is assign resources to the transport, eg. through the nic driver and the various protocols the packet could be using.

If you look through the help files for the networking section of your kernel config, you'll get a good overview of the sorts of things the kernel does with tcp/ip packets.

It sounds like there is something on your mind - what's troubling you?

Ashkan_s 03-07-2010 09:41 AM
OK

I read the following (first lines), yesterday: http://www.linuxjournal.com/article/4852

Now I am interested in knowing is there any way to a packet to be processed and became active?. In other words can a packet refuse that routine specially the third part mentioned in the article and goes another way?


The main question is:
Is the schema vulnerable or the implementations of it are insecure? which result in hacking attacks?

salasi 03-07-2010 01:48 PM
Quote:
Originally Posted by Ashkan_s (Post 3889222)
I read the following (first lines), yesterday: http://www.linuxjournal.com/article/4852
Be aware that the article, while at the time a pretty good one, concerns a rather old system by today's standards. In particular, the firewall system has had a significant makeover since then.

Quote:
In other words can a packet refuse
No, the packet never becomes active in that sense. The packet's 'payload' is data, not execution (or executability). Now, the user, or some other program can take that data and treat it as an executable, but the data itself can't directly do that. And that could be a problem, if done wrong/maliciously, but I'm not sure whether that is what you are asking about

JZL240I-U 03-08-2010 03:29 AM
But then, in case you were looking for something like this, there is portknocking:

http://www.portknocking.org/


All times are GMT -5. The time now is 03:37 PM.