
> If you send garbage to a WireGuard endpoint as I understand it nothing at all happens.

As far as I understand, the idea is to send garbage not to the VPN endpoint, but to any interface on the machine that the VPN runs on, with the VPN tunnel's IP there as the destination.

The fact that the machine would even consider accepting that leaves me speechless.




You're correct in describing this attack, which is on the TCP/IP stack in various Unix-like operating systems.

I was describing the behaviour of rather newer systems like QUIC, TLS 1.3 and WireGuard which have decided that maybe discretion is the best option.

It seems so far I confused everybody who read what I wrote (at least everybody who replied), so I apologise for that.



