On Mon, Mar 13, 2000 at 05:01:06PM +0100, Tamas TEVESZ wrote: > am i understing right that this allows the inbound side of > (claimed to be) established connections _that do not have an entry in > the state table_ ? (ie. never been ``initialized'' properly, at > least without the fw putting an entry in the state table?)
Yes. > if it's so, then, imho, it's crap. if not, then either the fw has some > seriuos problems (connections made through it and it does not know > about), or i don't get the whole picture at all... I'm afraid you're right. That's exactly what I think. But I have yet to find an explanation or a proof that convinces the upstream author. :-) Any exploit would do of course. Michael -- Michael Meskes | Go SF 49ers! Th.-Heuss-Str. 61, D-41812 Erkelenz | Go Rhein Fire! Tel.: (+49) 2431/72651 | Use Debian GNU/Linux! Email: [email protected] | Use PostgreSQL!
