Why is tampering with the TTL of IP dangerous?

The TTL get decremented when it pass through a router. This makes sure that if the packet is traveling around in circles it will eventually die.

The TTL field of an IP v4 packet is an 8-bit field (255 decimal). So setting it high at the start it isn't a big deal since it can't actually be that large in a well-formed packet (Although, some things might accept malformed IP packets).

However, if something increments it, and the incrementation step is part of the loop, the packet could keep going in circles without ever reaching zero. Over time (could be very short, or a gradual leak), packets could build up in the system containing that loop causing it to overload.


The TTL on packets keeps routing sane, basically. If a packet were to have a very large TTL and was caught in a circular route for some reason, it could cause a ton of traffic (called a "packet storm") and interfere with normal operations. Too low TTL would result in loss of connectivity as you'd lose the packet before it reached the destination.