|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: [Re: [Re: M$SQL cleanup incentives]]
> BB> DNS clients will eventually timeout and fall back to another > BB> server, so any problems would be transient, but the packets > BB> were legit, right? > > Stateful packet filters are nice. Properly written, they protect > both inbound and outbound traffic and need to track very little > state. Stateful packet filtering by C sitting between A and B is fallacy since in order for C to make an intelligent decision it may need to know the details of every possible communication protocol used by A and B. Alex
|