RE: Proxy 2.0 secure? (about ms protocol stack)

[Eric Arnold <earnold () hitech eds com>]

At 10:52 AM 06/25/98 -0700, Choi, Byoung wrote:
> normally, i'll try to keep my mouth shut, but...
>
> ms tcp/ip stack is substantially less mature than, say, unix' (both bsd
> & s5, i don't know what else is there to compare...).   ms stack seems
> particularly vulnerable to faulty ip fragments, and various malformed
> packets.   we tried various ways to tighten up the nt box - take out
> most of the ms net services, disable all tcp/ip ports except for a few
> that are used, and the machine still chokes (even when the malformed
> packet/packet fragments are addressed to ports that are disabled).
> this isn't a issue of how resilient the protocol stack is, but a issue
> of whether it can handle any unusual (but very much possible and maybe
> even probable) contigents, as it must - i.e. whether it is functioning
> at all as it is supposed to.

This is fixed (at least the known probs) by installing the teardrop2 hotfix
available from the MS website.


_________________________________________________

Eric Arnold              | "Uh,... okay, I get it. So what?"
earnold () hitech eds com   |        - Albert Einstein
EDS/Philips, Sunnyvale   |   "Einstein's Conversations with Derrida"