[47874] in North American Network Operators' Group
Re: Arbor Networks DoS defense product
daemon@ATHENA.MIT.EDU (Dan Hollis)
Fri May 17 13:54:12 2002
Date: Fri, 17 May 2002 10:53:31 -0700 (PDT)
From: Dan Hollis <goemon@anime.net>
To: Valdis.Kletnieks@vt.edu
Cc: nanog@merit.edu
In-Reply-To: <200205171315.g4HDFQmD005127@turing-police.cc.vt.edu>
Message-ID: <Pine.LNX.4.44.0205171050350.5947-100000@sasami.anime.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 17 May 2002 Valdis.Kletnieks@vt.edu wrote:
> On Thu, 16 May 2002 14:44:58 PDT, Dan Hollis said:
> > On Thu, 16 May 2002, Dragos Ruiu wrote:
> > > I can't help it if your host does funny things when I send them funny
> > > packets.... :-)
> > Why are you sending funny packets?
> Unfortunately, things like TCP ECN and ICMP 'Frag Needed' are often considered
> "funny packets".
> http://www.ietf.org/internet-drafts/draft-floyd-tcp-reset-04.txt
I know ECN etc have been used to evade firewalls but afaik have not been
known in and of themselves to compromise or crash hosts or make them do
any "funny things" besides dropping the packets outright.
If you have information to the contrary please let me know.
-Dan
--
[-] Omae no subete no kichi wa ore no mono da. [-]
