Date: Mon, 4 Sep 2000 10:25:45 -0600 (MDT) From: Nate Williams <nate@yogotech.com> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: nate@yogotech.com, billf@chimesnet.com (Bill Fumerola), rwatson@FreeBSD.ORG (Robert Watson), dr@kyx.net (Dragos Ruiu), cjclark@alum.mit.edu, cjclark@reflexnet.net (Crist J . Clark), list@rachinsky.de (Nicolas), freebsd-security@FreeBSD.ORG Subject: Re: ipfw and fragments Message-ID: <200009041625.KAA14327@nomad.yogotech.com> In-Reply-To: <200009040345.OAA24476@cairo.anu.edu.au> References: <200009040233.UAA12035@nomad.yogotech.com> <200009040345.OAA24476@cairo.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > It never reassembles and doesn't hold them in a buffer until they're > > > > all received either. > > > > > > Which I still think is the proper behavior for both ipfw and ipfilter. > > > > I can think of some trivially easy DoS attacks if this is done... > > Ummm, what exactly would you be inflicting a DoS attack on ? The firewall. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009041625.KAA14327>