Arbor Networks DoS defense product

Johannes Ullrich jullrich at euclidian.com
Fri May 17 17:55:59 UTC 2002


> > Unfortunately, things like TCP ECN and ICMP 'Frag Needed' are often considered
> > "funny packets".

> I know ECN etc have been used to evade firewalls but afaik have not been 
> known in and of themselves to compromise or crash hosts or make them do 
> any "funny things" besides dropping the packets outright.
> 
> If you have information to the contrary please let me know.

The ECN bits have been used in the past to do OS fingerprinting.
Not a big issue IMHO, but some people don't like it.


-- 
--------------------------------------------------------------------
jullrich at euclidian.com             Collaborative Intrusion Detection
                                     join http://www.dshield.org


