Firewall Wizards: RE: FW Sequence Number based statefulness

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Firewall Wizards mailing list archives

RE: FW Sequence Number based statefulness

From: Carson Gaspar <carson () taltos org>
Date: Mon, 14 May 2001 14:37:43 -0700

--On Monday, May 14, 2001 2:18 PM -0700 Peter Crocker<pcrocker () netscreen com> wrote:

window. (The window may use an appropriately selected fixed value, say 32
or 64K, rather than strictly monitoring the window. The implementation

No, it may not. If you do, you'll break large window support. You eithermust make it the largest legal scaled window (which makes for rather easysequence spoofing), or you have to monitor the actual window negotiation,or (best) monitor the actual windows being transmitted.


--
Carson

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

By Date By Thread

Current thread:

RE: FW Sequence Number based statefulness Peter Crocker (May 16)
- RE: FW Sequence Number based statefulness Nimesh vakharia (May 16)
- RE: FW Sequence Number based statefulness Carson Gaspar (May 16)
- RE: FW Sequence Number based statefulness Ofir Arkin (May 16)
- <Possible follow-ups>
- RE: FW Sequence Number based statefulness Nimesh vakharia (May 16)