Surprising Findings

Better safe than sorry: While designing the new code for p0f, I decided to implement a number of sanity checks to detect even the most bizarre, unlikely, or unheard-of patterns in incoming traffic, covering all possible illegal or meaningless combinations of TCP/IP settings. Although common sense suggested I should never encounter packets that have their parameters mangled in bizarre ways (at least not when communicating with popular and thus well-tested systems), there seemed to be no harm in implementing this functionality. Too, if a system indeed turned out to be sending packets that exhibited a particular type of anomaly, the ability to detect it would provide an excellent way to tell this particular OS from similar-looking ...
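The kind of sanity check described above, as an added example that is not p0f's code and not from the book. The particular checks, their labels, and the helper names `tcp_anomalies` and `build` are assumptions chosen for illustration, based only on the standard TCP header layout.

```python
import struct

# Classic TCP flag bits
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def tcp_anomalies(segment):
    """Return labels for illegal or meaningless field combinations in a TCP header."""
    if len(segment) < 20:
        return ["truncated header"]
    (_sport, _dport, _seq, ack_no, word, _win, _csum, urg_ptr) = struct.unpack(
        "!HHIIHHHH", segment[:20])
    data_off = word >> 12           # header length in 32-bit words
    reserved = (word >> 8) & 0x0F   # reserved bits, expected to be zero
    flags = word & 0x3F             # ECE/CWR deliberately ignored here
    found = []
    if data_off < 5:
        found.append("data offset below minimum")
    elif data_off * 4 > len(segment):
        found.append("data offset past end of segment")
    if reserved:
        found.append("reserved bits set")
    if flags == 0:
        found.append("no flags set")
    if flags & SYN and flags & FIN:
        found.append("SYN and FIN together")
    if flags & SYN and flags & RST:
        found.append("SYN and RST together")
    if not flags & ACK and ack_no != 0:
        found.append("ACK number set without ACK flag")
    if not flags & URG and urg_ptr != 0:
        found.append("urgent pointer set without URG flag")
    return found

def build(flags, ack_no=0, urg_ptr=0, data_off=5, reserved=0):
    """Construct a 20-byte sample header (constructed test data, checksum left 0)."""
    word = (data_off << 12) | (reserved << 8) | flags
    return struct.pack("!HHIIHHHH", 40000, 80, 0x1000, ack_no, word, 65535, 0, urg_ptr)

if __name__ == "__main__":
    samples = {  # constructed headers, not captured traffic
        "plain SYN": build(SYN),
        "SYN with stray ACK number": build(SYN, ack_no=0x1234),
        "SYN+FIN with stray urgent pointer": build(SYN | FIN, urg_ptr=7),
    }
    for name, seg in samples.items():
        print(name, "->", tcp_anomalies(seg) or "clean")
```

Each label that fires on an otherwise ordinary SYN is a candidate distinguishing feature for the sending stack, which is the fingerprinting use the passage points to.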
