Firewall Wizards: RE: Borderware Ping Server

From: Ofir Arkin <ofir_at_sys-security.com>
Date: Tue, 23 Oct 2001 15:01:33 +0200

I was referring to the Unused near the DF and MF bits, and not the
unused which was with the TOS byte.

Ofir

-----Original Message-----
From: Matthew Kirkwood [mailto:matthew_at_sphinx.mythic-beasts.com] On
Behalf Of Matthew Kirkwood
Sent: Tuesday, 23 October 2001 14:05
To: Ofir Arkin
Cc: firewall-wizards_at_nfr.com
Subject: RE: [fw-wiz] Borderware Ping Server

On Sat, 20 Oct 2001, Ofir Arkin wrote:

> We let the FW deal with only what we teach him to recognize, and what
> is legitimate IPv4 traffic. This means that if the firewall receives
> a packet with an Unused bit set, which is against the RFCs'
> recommendations, it drops it instantly because it is not legit IPv4
> traffic. No questions asked.

Actually, in this case and perhaps others (unknown IP or TCP
options, for example) wouldn't the wisest approach be to zero
the unknown bit?

This is exactly what is causing so many problems with ECN at
the moment.

Matthew.

Received on Oct 23 2001
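
The two policies debated in this thread for the unused IPv4 flag bit next to DF and MF, as an added example that is not part of the original messages: strict drop versus zeroing the bit and recomputing the header checksum. The header bytes, addresses and function names are constructed for illustration.

```python
import struct

RESERVED = 0x8000  # flags bit 0, next to DF/MF: reserved, must be zero (RFC 791)
DF = 0x4000        # Don't Fragment
FLAGS_OFF, CSUM_OFF = 6, 10  # byte offsets inside the IPv4 header


def checksum(header: bytes) -> int:
    """One's-complement header checksum (RFC 1071); 0 for a valid header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(flags_frag: int) -> bytes:
    """Constructed 20-byte header, documentation addresses, valid checksum."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0x1234,
                                flags_frag, 64, 1, 0,
                                bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])))
    struct.pack_into("!H", hdr, CSUM_OFF, checksum(bytes(hdr)))
    return bytes(hdr)


def reserved_bit_set(hdr: bytes) -> bool:
    return bool(struct.unpack_from("!H", hdr, FLAGS_OFF)[0] & RESERVED)


def policy_drop(hdr: bytes):
    """Strict policy: None means the packet is dropped."""
    return None if reserved_bit_set(hdr) else hdr


def policy_zero(hdr: bytes) -> bytes:
    """Normalizing policy: clear the bit, fix the checksum, forward."""
    out = bytearray(hdr)
    word = struct.unpack_from("!H", out, FLAGS_OFF)[0] & ~RESERVED & 0xFFFF
    struct.pack_into("!H", out, FLAGS_OFF, word)
    struct.pack_into("!H", out, CSUM_OFF, 0)
    struct.pack_into("!H", out, CSUM_OFF, checksum(bytes(out)))
    return bytes(out)


if __name__ == "__main__":
    pkt = build_header(RESERVED | DF)
    print("drop policy :", policy_drop(pkt))
    print("zero policy :", policy_zero(pkt).hex())
```

With the normalizing policy the forwarded header is byte-for-byte what the sender would have produced had it left the bit clear, so downstream checksum validation still passes.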