Firewall Wizards mailing list archives
RE: Proxy 2.0 secure? (about ms protocol stack)
From: Eric Arnold <earnold () hitech eds com>
Date: Thu, 25 Jun 1998 20:47:40 -0700
At 10:52 AM 06/25/98 -0700, Choi, Byoung wrote:
normally, i'll try to keep my mouth shut, but... ms tcp/ip stack is substantially less mature than, say, unix' (both bsd & s5, i don't know what else is there to compare...). ms stack seems particularly vulnerable to faulty ip fragments, and various malformed packets. we tried various ways to tighten up the nt box - take out most of the ms net services, disable all tcp/ip ports except for a few that are used, and the machine still chokes (even when the malformed packet/packet fragments are addressed to ports that are disabled). this isn't a issue of how resilient the protocol stack is, but a issue of whether it can handle any unusual (but very much possible and maybe even probable) contigents, as it must - i.e. whether it is functioning at all as it is supposed to.
This is fixed (at least the known probs) by installing the teardrop2 hotfix available from the MS website. _________________________________________________ Eric Arnold | "Uh,... okay, I get it. So what?" earnold () hitech eds com | - Albert Einstein EDS/Philips, Sunnyvale | "Einstein's Conversations with Derrida"
Current thread:
- RE: Proxy 2.0 secure? (about ms protocol stack) Choi, Byoung (Jun 25)
- Re: Proxy 2.0 secure? (about ms protocol stack) tqbf (Jun 26)
- <Possible follow-ups>
- RE: Proxy 2.0 secure? (about ms protocol stack) Eric Arnold (Jun 26)
- RE: Proxy 2.0 secure? (about ms protocol stack) Choi, Byoung (Jun 26)