On Sunday 06 December 2009 08:03:53 Todd Eddy wrote:
> Dropping packets that come in on unknown ports (called Stealthing) is
> actually against the official RFC. But it's done for security.

I don't quite see what security is gained, but replying with ICMP packets on
unused ports does lend itself to a bit of abuse (send TCP SYN with spoofed
sender address to known-closed ports and you can send ICMP packets to some 3rd
party host.) But since fewer and fewer routers will route packets with
seriously spoofed sender addresses (i.e. not from the local net), the attack
window is a bit narrow.
cheers
-- vbi
--
there was a poetic infection
which distorted the kernel's direction
the code got no time
as they all tried to rhyme
and it shipped needing lots of correction
-- Rusty Russell
_______________________________________________
timekeepers mailing list
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
