Re: Remote DoS in Axent's Raptor 6.0

der Mouse (mouseRODENTS.MONTREAL.QC.CA)
Wed, 27 Oct 1999 16:25:43 -0400

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Bill Nottingham: "(no subject)"
• Previous message: Brumbles: "Re: IBM AIX Packet Filter module (followup)"
• In reply to: Troy A. Bollinger: "Re: IBM AIX Packet Filter module"
• Next in thread: Kuff, Hal: "Re: Remote DoS in Axent's Raptor 6.0"

> OTOH, anybody who truly cares about security is blocking _all_ IP
> options at their border router, long before the packet is seen by any
> firewall.

Thereby breaking any number of useful things that can be done with
things like timestamp options.

If you really care about security, use bloody decent OSes so that you
don't flippin' *need* to block IP options, you don't *need* a firewall!
Options are there because they're useful and support valuable
facilities. Block 'em if you like, but you'll get no sympathy from
*me* when something breaks for you as a result.

                                        der Mouse

                               mouserodents.montreal.qc.ca
                     7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B

• Next message: Bill Nottingham: "(no subject)"
• Previous message: Brumbles: "Re: IBM AIX Packet Filter module (followup)"
• In reply to: Troy A. Bollinger: "Re: IBM AIX Packet Filter module"
• Next in thread: Kuff, Hal: "Re: Remote DoS in Axent's Raptor 6.0"

This archive was generated by hypermail 2.0b3 on Thu Oct 28 1999 - 13:14:18 CDT