From owner-freebsd-security  Sun Sep  3 20:46: 0 2000
Delivered-To: freebsd-security@freebsd.org
Received: from cairo.anu.edu.au (cairo.anu.edu.au [150.203.224.11])
	by hub.freebsd.org (Postfix) with ESMTP
	id 45C9A37B423; Sun,  3 Sep 2000 20:45:56 -0700 (PDT)
Received: (from avalon@localhost)
	by cairo.anu.edu.au (8.9.3/8.9.3) id OAA24476;
	Mon, 4 Sep 2000 14:45:41 +1100 (EST)
From: Darren Reed <avalon@coombs.anu.edu.au>
Message-Id: <200009040345.OAA24476@cairo.anu.edu.au>
Subject: Re: ipfw and fragments
To: nate@yogotech.com
Date: Mon, 4 Sep 2000 14:45:41 +1100 (Australia/NSW)
Cc: billf@chimesnet.com (Bill Fumerola),
	avalon@coombs.anu.edu.au (Darren Reed),
	rwatson@FreeBSD.ORG (Robert Watson), dr@kyx.net (Dragos Ruiu),
	cjclark@alum.mit.edu, cjclark@reflexnet.net (Crist J . Clark),
	list@rachinsky.de (Nicolas), freebsd-security@FreeBSD.ORG
In-Reply-To: <200009040233.UAA12035@nomad.yogotech.com> from "Nate Williams" at Sep 03, 2000 08:33:53 PM
X-Mailer: ELM [version 2.5 PL1]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Nate Williams, sie said:
> 
> > > It never reassembles and doesn't hold them in a buffer until they're
> > > all received either.
> > 
> > Which I still think is the proper behavior for both ipfw and ipfilter.
> 
> I can think of some trivially easy DoS attacks if this is done...

Ummm, what exactly would you be inflicting a DoS attack on ?

Darren


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message