Jump to content

Martian packet

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Agatino Catarella (talk | contribs) at 10:01, 12 November 2019 (Undid revision 925791155 by Agatino Catarella (talk) restoring - the whole article seems wrong, starting with the initial definition ; would need a complete rewrite). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A Martian packet is an IP packet seen on the public Internet that contains a source or destination address that is reserved for special-use by Internet Assigned Numbers Authority (IANA). On the public Internet, such a packet either has a spoofed source address, and it cannot actually originate as claimed, or the packet cannot be delivered.[1] The requirement to do this is found in RFC 1812, Section 5.2.3 (Local Delivery Decision).

Martian packets commonly arise from IP address spoofing in denial-of-service attacks,[2] but can also arise from network equipment malfunction or misconfiguration of a host.[1]

In Linux terminology, a martian packet is an IP packet received by the kernel on a specific interface, while routing tables indicate that the source IP is expected on another interface.[citation needed]

The name is derived from packet from Mars, meaning that packet seems to be not of this Earth.[3]

IPv4 and IPv6

In both IPv4 and IPv6, martian packets have source or destination addresses within special-use ranges defined in RFC 6890.

Transition mechanisms

6to4

6to4 is an IPv6 transition technology where the IPv6 address encodes the originating IPv4 address such that every IPv4 /32 has a corresponding, unique IPv6 /48 prefix. Because 6to4 relays use the encoded value for determining the end site of the 6to4 tunnel, 6to4 addresses corresponding to IPv4 martians are not routable and should never appear on the public Internet.

Teredo tunneling

Teredo is another IPv6 transition technology that encodes the originating IPv4 address in the IPv6 address. However, the encoding format encodes the Teredo server address and tunnel information before the IPv4 client address. Thus there is no definable set of prefixes more specific than 2001:0::/32 for Teredo packets with martian end-site addresses. It is, however, possible to spoof Teredo packets with the Teredo server IPv4 address set to a martian.

See also

References

  1. ^ a b Baker, F. "Requirements for IP Version 4 Routers". tools.ietf.org. Retrieved 2019-05-02.
  2. ^ RFC 3704 - Ingress Filtering for Multihomed Networks
  3. ^ "Jargon File: martian".