Take the following scenario
. Host A (Firewall) sets up and is using tcp session to Host B somewhere
on the Internet.
. Hacker on Host C on the Internet sees this sesssion and sends a tcp
TH_RST to host A (with correct ports etc), faking he is coming from B.
. A's session then resets itself and shuts down.
The more general case is C says he is B on say port 23, and sprays all
ports on A with TH_RST packets.
Is there any way of preventing this sort of malicious denial of service
Jon Shallow, Harris Computer Systems Corporation
Tel +44 (0) 1276 686886
Fax +44 (0) 1276 678733