Date: Tue, 22 May 2001 18:08:28 -0700 From: "Crist Clark" <crist.clark@globalstar.com> To: diman <diman@asd-g.com> Cc: Lowell Gilbert <lowell@world.std.com>, freebsd-security@FreeBSD.ORG Subject: Re: IPFW Rule -1 Always = Attack? Message-ID: <3B0B0D8C.3ADA76C1@globalstar.com> References: <Pine.BSF.4.21.0105221226100.202-100000@portal.none.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
diman wrote: [snip] > It might be 'icmp: reassembly time exceed' or something else - it's > OS/Setup dependant. It might need more than 1 packet, but my point > is: "rule -1" can be used for ipfw detection/identification. > There are no much security risk unless u wanna hide ur frierwall from > peoples looks. I cannot say for sure, but I would expect that there are many firewall implementations that drop these kinds of fragments unconditionally. -- Crist J. Clark Network Security Engineer crist.clark@globalstar.com Globalstar, L.P. (408) 933-4387 FAX: (408) 933-4926 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact postmaster@globalstar.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B0B0D8C.3ADA76C1>