Well then .. I am happy that none of the firewalls I use accept or pass fragmented packets.

Michael.

On Sat, 13 Dec 2003 15:04:10 -0500 [EMAIL PROTECTED] wrote:
> On Sat, 13 Dec 2003 03:35:25 MST, Michael Gale <[EMAIL PROTECTED]> said:
>
> > For example the BorderWare Firewall will not accept fragmented
> > packets, they are working on a firewall function that when
> > fragmented packets arrive. It will save the first piece plus all
> > frags until the final one is received. Put the packet back together
> > and do a sanity check of some sort. Then pass or drop the packet.
>
> So the problem is that the host may re-assemble a fragmented packet
> with injected data in it.
>
> And we protect against it by.... you got it.. having the firewall
> re-assemble the fragmented packet with injected data and then handing
> the re-assembled full packet (with injected data) to the host.
>
> Whoops.
> _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
