Bugtraq mailing list archives

Re: Remote DoS in Axent's Raptor 6.0

From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Wed, 27 Oct 1999 16:25:43 -0400

OTOH, anybody who truly cares about security is blocking _all_ IP
options at their border router, long before the packet is seen by any
firewall.


Thereby breaking any number of useful things that can be done with
things like timestamp options.

If you really care about security, use bloody decent OSes so that you
don't flippin' *need* to block IP options, you don't *need* a firewall!
Options are there because they're useful and support valuable
facilities.  Block 'em if you like, but you'll get no sympathy from
*me* when something breaks for you as a result.

                                        der Mouse

                               mouse () rodents montreal qc ca
                     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Current thread:

Re: Remote DoS in Axent's Raptor 6.0 Inc, MSG.Net (Oct 26)
- <Possible follow-ups>
- Re: Remote DoS in Axent's Raptor 6.0 der Mouse (Oct 27)
- Re: Remote DoS in Axent's Raptor 6.0 Kuff, Hal (Oct 28)
  - Blocking IP Options (was Re: Remote DoS in Axent's Raptor 6.0) kadokev () MSG NET (Oct 28)