Re: TCP question
On Mon, Mar 13, 2000 at 05:01:06PM +0100, Tamas TEVESZ wrote:
> am i understing right that this allows the inbound side of
> (claimed to be) established connections _that do not have an entry in
> the state table_ ? (ie. never been ``initialized'' properly, at
> least without the fw putting an entry in the state table?)
> if it's so, then, imho, it's crap. if not, then either the fw has some
> seriuos problems (connections made through it and it does not know
> about), or i don't get the whole picture at all...
I'm afraid you're right. That's exactly what I think. But I have yet to find
an explanation or a proof that convinces the upstream author. :-)
Any exploit would do of course.
Michael Meskes | Go SF 49ers!
Th.-Heuss-Str. 61, D-41812 Erkelenz | Go Rhein Fire!
Tel.: (+49) 2431/72651 | Use Debian GNU/Linux!
Email: Michael@Fam-Meskes.De | Use PostgreSQL!