Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Feature request, out-of order fragmentation

From: Sam Lavitt <sam.lavitt () gmail com>
Date: Fri, 14 May 2010 12:44:48 +0300
I have recently found myself working with a commercial firewall and
IDS that is unable to screen fragments that are delivered out-of-order
when under load (normally it will store until the fragments unil the
entire window arrives, but once it hits a preconfigured load
percentage, default 0 (so always), it will forward all fragments as
delivered after checking the individual fragment for payload.)

As a result, I'd like to see a feature for fragmentation and
transmission of packets out of order with a slight delay to make it
more likely for out-of-order delivery, leaving the host to reassemble
them.  This would effectively evade the product.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: