<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Firewall Wizards: Re: Proxy 2.0 secure? (IDS)

Re: Proxy 2.0 secure? (IDS)

From: <tqbf_at_pobox.com>
Date: Tue, 7 Jul 1998 14:24:57 -0500 (CDT)

> make your firewall do the packet reassembly, leave your IDS in passive
> monitoring so that it does not become the object of an attack.

If you implemented this right (and that's not easy), you might solve the
fragmentation problem. Now solve the TCP stream reassembly problem.

-----------------------------------------------------------------------------
Thomas H. Ptacek SNI Labs, Network Associates, Inc.
-----------------------------------------------------------------------------
http://www.pobox.com/~tqbf "If you're so special, why aren't you dead?"

Received on Jul 08 1998

This message: [ Message body ]
Next message: Technical Incursion Countermeasures: "Re: a long response to a Short note on new Laws"
Previous message: Itai Dor-on: "Best Practice for preparing an NT box for firewall-1 installation"
In reply to: David Lang: "Re: Proxy 2.0 secure? (IDS)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos