Matthew Toseland wrote: > It's unnecessary anyway because it only applies to TCP. It does however > tell us something very interesting and useful: The firewall is stateless !! heh, it would be damn expensive to do that in a stateful way.
let's see: >1. Timing. >2. Packet size. >3. It's not a known protocol, therefore it must be bad. >4. Flow analysis. either way it might be too expensive or require a stateful filter