Security Basics mailing list archives

DROP or REJECT FILTERS for fragmented TCP scans

From: Ali Saifullah Khan <saifullah () attitudex com>
Date: Wed, 16 Apr 2003 23:02:15 -0700 (PDT)

How effective ( if affective ) would either IPTABLES REJECT or DROP filters be in the case of fragmented scans where 
the TCP header is divided over a range of smaller packets ? 

Regards,
Ali Saifullah Khan

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Select your own custom email address for FREE! Get you () yourchoice com w/No Ads, 6MB, POP & more! 
http://www.everyone.net/selectmail?campaign=tag

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place.  http://www.securityfocus.com/BlackHat-security-basics 
----------------------------------------------------------------------------

Current thread:

DROP or REJECT FILTERS for fragmented TCP scans Ali Saifullah Khan (Apr 17)
- RE: DROP or REJECT FILTERS for fragmented TCP scans Jon Pastore (Apr 17)
- RE: DROP or REJECT FILTERS for fragmented TCP scans David Gillett (Apr 17)