In some mail from Sebastian Niehaus, sie said: > > [...] > > | What existing functionality is changing in Service Pack�2 for Windows > | XP? > | > | > | Enhanced multicast and broadcast support > | > | Detailed description > | > | Multicast and broadcast network traffic differ from unicast traffic > | because the response comes from an unknown host. As such, stateful > | filtering prevents the response from being accepted. This stops a > | number of scenarios from working, ranging from streaming media to > | discovery. > | > | > | To enable these scenarios, Windows Firewall will allow a unicast > | response for 3�seconds from any source address on the same port from > | which the multicast or broadcast traffic originated. > > Sounds like a broken concept, as always. Eh?
Not necessarily. Details are always in the implementation (and I think that description is likely worded wrongly.) This has much bigger significance for IPv6 where ARP messages have been replaced with ICMPv6 messages. Darren _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
