IP分片重组Cache实现的测试与分析

Test and Analysis of the Implementation of Cache Used in IP Fragments Reassembly

IP碎片攻击是网络攻击的主要方式之一,攻击者利用系统对IP数据包分片重组实现上的漏洞,构造大量特殊的分片发送给目的主机,导致目的主机由于重组错误而造成拒绝服务、系统崩溃等。IP分片重组Cache的实现包括IP分片的重组算法、超时处理、替换策略等。文章从分析Linux操作系统IP分片重组Cache实现的策略入手,提出了一种测试IP分片重组Cache实现的方法,并在此基础上推测出Windows系统实现IP分片重组Cache的方法。

Attacking in virtue of the vulnerability of IP fragmentation and reassembly is a popular kind of network at-tacking.Hundreds of peculiar fragments which are constructed by the attacker are sent to the destination.Then the desti-nation cannot deal with these fragments correctly so as to denying service or system crash.The implementation of the cache used in IP fragments reassembly includes the arithmetic of reassembly,how to deal with timeout ,the policy of swapping,and so on.In this paper,the implementation of the IP fragmentation and reassembly in Linux is described at first,then a method of test is put forward,which is the emphasis in this paper.Finally,the implementation of the IP fragmentation and reassembly in Windows is discussed.