Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Firewall-Wizards Digest V1 #311

From: Sandy Green <sand232 () yahoo com>
Date: Mon, 31 May 1999 10:42:45 -0700 (PDT)
The ablity to detect source route packets is 
"generally" provided by the firewall software that one
installs. The driver in most of the firewalls detcts
the IP options in the IP packet and takes a decision
on the necessary action as configured.
The NT OS or the Unix OS do not detect source
routed packets. So one would need another software
to detect such packets, and one would in all 
probability do this with a firewall software....

The point is that there are two different softwares---
the base Operating system and a firewall software.

thanks
sandy

Date: 24 May 1999 22:21:51 -0400
From: Matt Curtin <cmcurtin () interhack net>
Subject: Re: Firewall comparison in Data Communications

Hmm.  I saw no mention of attempts to source-route traffic.

I have been told that NT doesn't have the ability to detect and block
source-routed packets.  Are NT firewalls somehow detecting and
dropping these things these days?  Or is it true that NT firewalls are
unable to block this attack without help from another component with
half a brain (i.e., having the access router drop source routed
stuff)?

- -- 
Matt Curtin cmcurtin () interhack net
http://www.interhack.net/people/cmcurtin/
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
Previous By Date Next
Previous By Thread Next

Current thread: