[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCP small fragments



In message <BB6D74C75CC76A419B6D6FA7C38317B2628B83@sinett-sbs.SiNett.LAN>, "Vis
hwas Manral" writes:
>Hi Pall,
>
>We are not talking about right implementations of IP fragmentation. We are tal
>king about what firewalls do in case of small fragments hwhich can be caused b
>y an attack. 
>
>Are such fragments discarded by the firewall in ISP(is it an option to discard
> it)?
>

The problem is very well known in the firewall community.  For that 
matter, see RFC 1858, which documents it.  I believe that most firewall 
products handle it properly.

		--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb