Date: Fri, 18 May 2001 10:32:24 -0700
From: "D. W. Piper" <dwplists@loop.com>
To: <freebsd-security@FreeBSD.ORG>
Subject: IPFW Rule -1 Always = Attack?
Message-ID: <046c01c0dfc0$833e7fc0$213cd3cf@loop.com>
References: <200105181518.WAA12362@bazooka.cs.ait.ac.th>

Hi everyone,

If I understand things correctly from the archives and the IPFW man page, IPFW rule -1 is built into the firewall, and only applies to rejecting IP fragments with a fragment offset of one. The man page further states, "This is a valid packet, but it only has one use, to try to circumvent firewalls."

Does that mean that every packet dropped by rule -1 indicates a deliberate attempt to circumvent the firewall, and should be reported to the appropriate network administrator for the source IP address?

TIA,
David

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
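
The fragment-offset condition the message describes, shown as an added example (not part of the original e-mail and not ipfw's own code): it reads the 13-bit fragment offset from an IPv4 header and reports whether it equals one. The function names, struct and sample headers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* IPv4 header fields relevant to fragment handling (names are hypothetical). */
struct frag_info {
    unsigned offset_units;  /* fragment offset in 8-byte units (13 bits) */
    int more_fragments;     /* MF flag */
    uint8_t protocol;       /* e.g. 6 = TCP, 17 = UDP */
};

/* Returns 0 on success, -1 if buf is not a plausible IPv4 header. */
int parse_frag(const uint8_t *buf, size_t len, struct frag_info *out)
{
    if (buf == NULL || out == NULL || len < 20 || (buf[0] >> 4) != 4)
        return -1;
    size_t ihl = (size_t)(buf[0] & 0x0f) * 4;          /* header length in bytes */
    if (ihl < 20 || ihl > len)
        return -1;
    unsigned word = ((unsigned)buf[6] << 8) | buf[7];  /* flags + fragment offset */
    out->offset_units = word & 0x1fff;
    out->more_fragments = (word & 0x2000) != 0;
    out->protocol = buf[9];
    return 0;
}

/* 1 if the offset is exactly one (data starts 8 bytes into the original
 * payload), 0 if it is anything else, -1 if the header is malformed. */
int is_offset_one_fragment(const uint8_t *buf, size_t len)
{
    struct frag_info fi;
    if (parse_frag(buf, len, &fi) != 0)
        return -1;
    return fi.offset_units == 1;
}

/* Constructed sample headers: checksums zero, addresses from 192.0.2.0/24. */
static const uint8_t SAMPLE_OFFSET_ONE[20] = {   /* last fragment, offset 1 */
    0x45,0x00,0x00,0x1c,0x12,0x34,0x00,0x01,0x40,0x06,0x00,0x00,192,0,2,1,192,0,2,2 };
static const uint8_t SAMPLE_FIRST_FRAGMENT[20] = {  /* MF set, offset 0 */
    0x45,0x00,0x00,0x1c,0x12,0x34,0x20,0x00,0x40,0x06,0x00,0x00,192,0,2,1,192,0,2,2 };
static const uint8_t SAMPLE_UNFRAGMENTED[20] = {    /* DF set, offset 0 */
    0x45,0x00,0x00,0x28,0x12,0x35,0x40,0x00,0x40,0x06,0x00,0x00,192,0,2,1,192,0,2,2 };

int main(void)
{
    printf("%d %d %d\n", is_offset_one_fragment(SAMPLE_OFFSET_ONE, 20),
           is_offset_one_fragment(SAMPLE_FIRST_FRAGMENT, 20),
           is_offset_one_fragment(SAMPLE_UNFRAGMENTED, 20));
    return 0;
}
```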