North American Network Operators Group

Re: Arbor Networks DoS defense product

  • From: Johannes Ullrich
  • Date: Fri May 17 14:01:01 2002

> > Unfortunately, things like TCP ECN and ICMP 'Frag Needed' are often considered
> > "funny packets".

> I know ECN etc have been used to evade firewalls but afaik have not been 
> known in and of themselves to compromise or crash hosts or make them do 
> any "funny things" besides dropping the packets outright.
> 
> If you have information to the contrary please let me know.

The ECN bits have been used in the past to do OS fingerprinting.
Not a big issue IMHO, but some people don't like it.


-- 
--------------------------------------------------------------------
[email protected]             Collaborative Intrusion Detection
                             join http://www.dshield.org