Re: Firewall-Wizards Digest V1 #311

Sandy Green (sand232yahoo.com)
Mon, 31 May 1999 10:42:45 -0700 (PDT)

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: The Unicorn: "Re: Interesting DNS Traffic"
• Next in thread: Matt Curtin: "Re: Firewall-Wizards Digest V1 #311"
• Reply: Matt Curtin: "Re: Firewall-Wizards Digest V1 #311"

The ablity to detect source route packets is
"generally" provided by the firewall software that one
installs. The driver in most of the firewalls detcts
the IP options in the IP packet and takes a decision
on the necessary action as configured.
The NT OS or the Unix OS do not detect source
routed packets. So one would need another software
to detect such packets, and one would in all
probability do this with a firewall software....

The point is that there are two different softwares---
the base Operating system and a firewall software.

thanks
sandy

Date: 24 May 1999 22:21:51 -0400
From: Matt Curtin <cmcurtininterhack.net>
Subject: Re: Firewall comparison in Data Communications

Hmm. I saw no mention of attempts to source-route traffic.

I have been told that NT doesn't have the ability to detect and block
source-routed packets. Are NT firewalls somehow detecting and
dropping these things these days? Or is it true that NT firewalls are
unable to block this attack without help from another component with
half a brain (i.e., having the access router drop source routed
stuff)?

- --
Matt Curtin cmcurtininterhack.net
http://www.interhack.net/people/cmcurtin/
_________________________________________________________
Do You Yahoo!?
Get your free yahoo.com address at http://mail.yahoo.com

• Next message: The Unicorn: "Re: Interesting DNS Traffic"
• Next in thread: Matt Curtin: "Re: Firewall-Wizards Digest V1 #311"
• Reply: Matt Curtin: "Re: Firewall-Wizards Digest V1 #311"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:18:59 CDT