Firewall Wizards mailing list archives

Re: COmpare Firewalls

From: Darren Reed <darrenr () reed wattle id au>
Date: Sat, 11 Sep 1999 05:29:59 +1000 (EST)

In some email I received from Robert Graham, sie wrote:


--- Joe Ippolito <joe () joesnet com> wrote:

I know that MS has addressed problems like "ping of death" to NT with
previous service packs;  See
http://support.microsoft.com/support/kb/articles/Q132/4/70.asp for a really
old one.  Does anyone out there know whether NT 4 SP5 (without MS Proxy's
packet filter) is still vulnerable to such attacks?  Just curious.


The IGMP fragmentation attack is post-SP5 and affected Win98 and Win2k. I've
heard rumours that it also affected WinNT.


Doesn't the fact that the various Microsoft products all seem to have
problems with fragmentation ring any bells in people's heads about *bad*
IP implementation ?  Seems to me like they push the defragmentation *up*
a layer (probably for some perceived speed advantage) and in doing so
have created the `same' problem in each of your TCP, UDP, ICMP, IGMP, etc,
rather than just once in IP.

Darren

Current thread:

Re: COmpare Firewalls, (continued)
- - - Re: COmpare Firewalls Dameon D. Welch (Sep 08)
    - RE: COmpare Firewalls Joe Ippolito (Sep 09)
    - Re: COmpare Firewalls Darren Reed (Sep 09)
    - RE: COmpare Firewalls Joe Ippolito (Sep 09)
- Re: COmpare Firewalls Ryan Russell (Sep 06)
- RE: COmpare Firewalls Paul McNabb (Sep 07)
- RE: COmpare Firewalls Ryan Russell (Sep 07)
- RE: COmpare Firewalls Kertesz, Imre (Sep 08)
  - Re: COmpare Firewalls Crispin Cowan (Sep 10)
- RE: COmpare Firewalls Robert Graham (Sep 10)
  - Re: COmpare Firewalls Darren Reed (Sep 10)
- RE: COmpare Firewalls Ryan Russell (Sep 10)
- Re: COmpare Firewalls Robert Graham (Sep 11)