Firewall Wizards mailing list archives
Re: firewall and multicast
From: Darren Reed <darrenr () cyber com au>
Date: Fri, 6 Mar 1998 17:23:52 +1100 (EST)
In some mail I received from George Wang, sie wrote
Hi, What are the firewalls that support multicast? Is there any security implications of that?
What do you mean here ? - tunnel from mbone to internal network (basically IP in IP) or - filter multicast IP addresses There is no TCP support for multicast. If you can sneak a packet into a network using a multicast address as the source address, then there are other problems with the setup. For a packet to reach a destination with a multicast address as the destination, you need either (a) operational LSRR (this killed quite a few routers in the early days of mbone :) or (b) a tunnel that you can use to get to that site or (c) there's multicast support from routers all the way - not very common. The only real impact multicast is going to have is on those that attempt to only block the "bad things" and allow everything else through. Darren
Current thread:
- firewall and multicast George Wang (Mar 05)
- Re: firewall and multicast Darren Reed (Mar 06)
- Re: firewall and multicast Adam Shostack (Mar 06)
- <Possible follow-ups>
- RE: firewall and multicast Safier, Adam (GEIS) (Mar 07)