Firewall Wizards mailing list archives

Re: Firewalls that generate new packets..


From: John Adams <jna () retina net>
Date: Wed, 14 Nov 2007 15:56:08 -0800

One issue that happened many years ago was that certain Windows TCP/IP
implementations would allocate the packet in memory and then write
the outgoing data into the allocated space.

The remainder of the packet (MTU - data_length) would contain  
whatever garbage was lying around the sending computer's memory  
space. Over time, this would leak large portions of memory out the  
network port.

A firewall that copied data into a fresh, initialized packet would  
avoid this information leak.

I can't see any disadvantages to using this approach. Packets with  
improper length and header information would be truncated or dropped  
by the firewall, and that's probably a good thing.

-j


On Nov 13, 2007, at 7:58 PM, Kelly Robinson wrote:

Some firewalls, after receiving a packet, generate a new packet and  
populate it with data from the original, rather than forwarding the  
same packet that was received. What are the advantages and  
disadvantages of this approach? And does anyone have any examples  
of any firewalls that do this on the market?

Thanks

- k
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
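
The packet rebuild described in the reply above, sketched as an added example that is not part of the original thread or taken from any firewall product: the IPv4 packet is copied into a zero-filled buffer up to the length its header claims, and packets with inconsistent lengths are dropped. The function names, the 46-byte minimum payload and the sample packet are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define MIN_PAYLOAD 46  /* assumed minimum Ethernet payload; shorter packets are padded */

/* Copy the IPv4 packet in `in` into a zero-filled `out`, keeping only the bytes
 * the total-length field claims. Checksum not verified. Returns length or -1. */
int rebuild_ipv4(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_cap)
{
    if (in_len < 20 || (in[0] >> 4) != 4)
        return -1;                              /* too short or not IPv4 */
    size_t ihl = (size_t)(in[0] & 0x0f) * 4;    /* header length in bytes */
    size_t total = ((size_t)in[2] << 8) | in[3];
    if (ihl < 20 || total < ihl || total > in_len)
        return -1;                              /* inconsistent lengths: drop */
    size_t out_len = total < MIN_PAYLOAD ? MIN_PAYLOAD : total;
    if (out_len > out_cap)
        return -1;
    memset(out, 0, out_len);                    /* fresh, initialised packet */
    memcpy(out, in, total);                     /* trailing bytes are not copied */
    return (int)out_len;
}

/* Constructed sample: 24-byte IPv4 packet, then 22 stale bytes (0xAA). */
size_t make_leaky_sample(uint8_t *buf)
{
    static const uint8_t hdr[20] = { 0x45, 0, 0, 24, 0, 1, 0, 0, 64, 253,
                                     0, 0, 192, 0, 2, 1, 192, 0, 2, 2 };
    memcpy(buf, hdr, sizeof hdr);
    memcpy(buf + 20, "DATA", 4);
    memset(buf + 24, 0xAA, 22);
    return 46;
}

size_t nonzero_after(const uint8_t *pkt, size_t from, size_t len)
{
    size_t n = 0;                               /* non-zero bytes in pkt[from..len) */
    for (size_t i = from; i < len; i++)
        n += pkt[i] != 0;
    return n;
}

int main(void)
{
    uint8_t in[64], out[64];
    int m = rebuild_ipv4(in, make_leaky_sample(in), out, sizeof out);
    printf("stale bytes: in=%zu out=%zu\n", nonzero_after(in, 24, 46),
           nonzero_after(out, 24, (size_t)m));
    return 0;
}
```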
