Firewall Wizards mailing list archives
RE: Borderware Ping Server
From: "Ofir Arkin" <ofir () sys-security com>
Date: Tue, 23 Oct 2001 15:01:33 +0200
I was referring to the Unused near the DF and MF bits, and not the unused which was with the TOS byte.

Ofir

-----Original Message-----
From: Matthew Kirkwood [mailto:matthew () sphinx mythic-beasts com] On Behalf Of Matthew Kirkwood
Sent: Tuesday, 23 October 2001 14:05
To: Ofir Arkin
Cc: firewall-wizards () nfr com
Subject: RE: [fw-wiz] Borderware Ping Server

On Sat, 20 Oct 2001, Ofir Arkin wrote:
> We let the FW deal with only what we teach him to recognize, and what is legitimate IPv4 traffic. This means that if the firewall receives a packet with an Unused bit set, which is against the RFCs' recommendations, it drops it instantly because it is not legit IPv4 traffic. No questions asked.
Actually, in this case and perhaps others (unknown IP or TCP options, for example) wouldn't the wisest approach be to zero the unknown bit? This is exactly what is causing so many problems with ECN at the moment.

Matthew.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
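The two policies debated in this exchange, dropping a packet whose unused flag bit (next to DF and MF) is set versus zeroing the bit and forwarding, shown side by side as an added example that is not part of either poster's message. The header is constructed sample data using documentation addresses, and the function names are hypothetical.

```python
import struct

RESERVED, DF, MF = 0x8000, 0x4000, 0x2000  # top 3 bits of the flags/fragment-offset word

def checksum(header: bytes) -> int:
    """One's-complement header checksum (RFC 1071); returns 0 for a header that verifies."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(flags_frag: int) -> bytes:
    """Constructed 20-byte IPv4 header (ICMP, 192.0.2.1 -> 198.51.100.7), valid checksum."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 84, 0x1234, flags_frag,
                                64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])))
    struct.pack_into("!H", hdr, 10, checksum(bytes(hdr)))
    return bytes(hdr)

def flags_word(header: bytes) -> int:
    """The 16-bit word at offset 6: reserved bit, DF, MF, then the fragment offset."""
    return struct.unpack_from("!H", header, 6)[0]

def policy_drop(header):
    """Strict policy: drop (None) when the reserved bit is set, else pass unchanged."""
    return None if flags_word(header) & RESERVED else header

def policy_zero(header):
    """Normalizing policy: clear the reserved bit, recompute the checksum, forward."""
    hdr = bytearray(header)
    struct.pack_into("!H", hdr, 6, flags_word(header) & ~RESERVED & 0xFFFF)
    struct.pack_into("!H", hdr, 10, 0)  # checksum field must be zero while summing
    struct.pack_into("!H", hdr, 10, checksum(bytes(hdr)))
    return bytes(hdr)

if __name__ == "__main__":
    pkt = build_header(RESERVED | DF)  # sample packet with the unused bit set
    print("drop policy :", policy_drop(pkt))
    fixed = policy_zero(pkt)
    print("zero policy : flags=0x%04x checksum_ok=%s"
          % (flags_word(fixed), checksum(fixed) == 0))
```

Zeroing the bit changes the header, so the checksum has to be recomputed before forwarding; a normalizer that skips this step hands the next hop a packet that fails verification.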