"Ronald F. Guilmette" <[email protected]> writes: > I also have a question.... > > If one manages a system where (a) all local user accounts are completely > and 100% trustworthy and where (b) one has in place ipfw rules which reject > all incoming packet *fragments* on all outward-facing interfaces, then is > this security problem (relating to the reassembly queue) an issue at all > for said system? Or is it rather a non-event in such contexts?
That should keep you safe, but it will break some legitimate connections, not to mention MTU discovery. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
