문제
I have a JAX-RS web service which is secured via TLS. Hence encryption is very important I decided to check the network traffic with RawCap and analyze it with WireShark. Doing this, I stumbled over the following message:
https://stackoverflow.com/questions/16815008
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianHeader checksum: 0x0000 [incorrect, should be 0xac15 (may be caused by "IP checksum offload"?)]
I'm pretty sure that it isn't a problem with my RESTEasy client, because retrieving a ressource via FireFox causes the same message.
해결책
This doesn't come from your application - it is caused by the TCP/IP stack. Many implementations do not (or not always) fill in the header checksum, leaving it a 0x0000.
As Wireshark indicated, one reason for this is, that some combinations of OS and NIC driver make the OS think, that the checksum will be filled in by the NIC (hardware-accelerated), but in fact it will be not.
This is not a real problem, as long as your transmission path is reliable. AFAIK it is not a security risk.
다른 팁
Was this an outgoing packet?
As the error message suggests, IP checksum offload is enabled. This means that the computer’s TCP/IP stack does not calculate the checksum. Instead the NIC hardware does the calculation before sending the packet out.
This is not a real error. You can safely ignore it.
in this case, the checksum field has been ignored with no consequences. However, the checksum field in general in intended to verify integrity of a packet. An incorrect checksum generally indicates errors (possibly EMI) or loss of integrity and may indicate a compromise.
