diff --git a/src/net.h b/src/net.h
index 8d236dad..879dfffb 100644
--- a/src/net.h
+++ b/src/net.h
@@ -135,6 +135,7 @@ extern int udp_sndbuf;
 extern bool do_prune;
 extern char *myport;
 extern int autoconnect;
+extern bool disablebuggypeers;
 extern int contradicting_add_edge;
 extern int contradicting_del_edge;
 extern time_t last_config_check;
diff --git a/src/net_packet.c b/src/net_packet.c
index 8a4cebd0..27ca7148 100644
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -443,6 +443,9 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
 void receive_tcppacket(connection_t *c, const char *buffer, int len) {
 	vpn_packet_t outpkt;
 
+	if(len > sizeof outpkt.data)
+		return;
+
 	outpkt.len = len;
 	if(c->options & OPTION_TCPONLY)
 		outpkt.priority = 0;
diff --git a/src/net_setup.c b/src/net_setup.c
index 488cb7c6..bf0c5a50 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -52,6 +52,7 @@ char *proxyuser;
 char *proxypass;
 proxytype_t proxytype;
 int autoconnect;
+bool disablebuggypeers;
 
 char *scriptinterpreter;
 char *scriptextension;
@@ -598,6 +599,8 @@ bool setup_myself_reloadable(void) {
 
 	get_config_int(lookup_config(config_tree, "AutoConnect"), &autoconnect);
 
+	get_config_bool(lookup_config(config_tree, "DisableBuggyPeers"), &disablebuggypeers);
+
 	return true;
 }
 
diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index ba5db2ea..5f2dcaa2 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -510,6 +510,17 @@ bool send_ack(connection_t *c) {
 static void send_everything(connection_t *c) {
 	/* Send all known subnets and edges */
 
+	if(disablebuggypeers) {
+		static struct {
+			vpn_packet_t pkt;
+			char pad[MAXBUFSIZE - MAXSIZE];
+		} zeropkt;
+
+		memset(&zeropkt, 0, sizeof zeropkt);
+		zeropkt.pkt.len = MAXBUFSIZE;
+		send_tcppacket(c, &zeropkt.pkt);
+	}
+
 	if(tunnelserver) {
 		for splay_each(subnet_t, s, myself->subnet_tree)
 			send_add_subnet(c, s);