NFR Wizards Archive: RE: Firewall comparison in Data Communicat

RE: Firewall comparison in Data Communications


Ray Hooker (rayhookibm.net)
Wed, 2 Jun 1999 09:47:55 -0400


A source-routed packet is a packet which has the route information built
into it. Normally you rely on the route tables in the routers to forward
the traffic from one segment to another. One of the first ways to
"firewall" is to remove routes. The idea is that the network would be
unreachable. Actually the TCP/IP protocol provides for a means to prespecify
the path the packet will follow in the packet header using the
"source-routing" feature. For that reason, simply removing routes alone is
not adequate security.

A good firewall should discard source-routed packets.

Ray



This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:18:59 CDT