from the quill of C Matthew Curtin <cmcurtin@research.megasoft.com> on scroll <199607301113.HAA19837@goffette.research.megasoft.com>
> Do the Ascend products allow you to refuse fragmented packets, or to
> defrag them? If not, stateful packet filtering is pretty useless,
> given that a skilled attacker can simply frag the packet so that a
> decision is made on incomplete information (i.e., source/destination
> address, but not source/destination ports...)
Not sure. While I know of the product and what it is supposed to do, it
hasn't made it to the top of my processing stack yet. Looking forward to
it though.
b.
--
Brian J. Murrell                Brian_Murrell@bctel.net
BCTel Advanced Communications   brian@ilinx.com
Vancouver, B.C.                 brian@wimsey.com
604 454 5279
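
An added example, not part of the original messages and not based on any Ascend product: a minimal check a port-based filter could run on each IPv4 packet to tell whether the transport header (and so the ports) is actually present, which is the information gap the quoted question describes. The verdict names, the `classify` and `ipv4` helpers, and the sample packets are constructed for illustration.

```python
import struct

# Minimum transport header a filter needs before it can trust ports/flags.
MIN_L4 = {6: 20, 17: 8}  # TCP fixed header, UDP header

def classify(pkt: bytes):
    """Return (verdict, ports) for one IPv4 packet as a port filter sees it."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return ("malformed", None)
    ihl = (pkt[0] & 0x0F) * 4
    total_len, _ident, flags_frag = struct.unpack("!HHH", pkt[2:8])
    if ihl < 20 or len(pkt) < ihl:
        return ("malformed", None)
    more = bool(flags_frag & 0x2000)        # MF (more fragments) bit
    offset = (flags_frag & 0x1FFF) * 8      # fragment offset in bytes
    need = MIN_L4.get(pkt[9])
    if need is None:
        return ("no-ports-protocol", None)
    if offset > 0:
        # Later fragments carry no transport header at all.
        if offset < need:
            return ("overlaps-transport-header", None)  # would rewrite it
        return ("later-fragment-no-ports", None)
    l4 = pkt[ihl:min(total_len, len(pkt))]
    if len(l4) < need:
        return ("truncated-transport-header", None)     # tiny first fragment
    ports = struct.unpack("!HH", l4[:4])
    return ("first-fragment" if more else "unfragmented", ports)

def ipv4(proto, payload, offset=0, mf=False):
    """Build a constructed sample packet (checksum left 0, not validated)."""
    ff = (0x2000 if mf else 0) | (offset // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, ff,
                       64, proto, 0, bytes([192, 0, 2, 1]),
                       bytes([198, 51, 100, 7])) + payload

# Constructed 20-byte TCP header: source port 40000, destination port 25.
TCP_HDR = struct.pack("!HH", 40000, 25) + bytes(16)

if __name__ == "__main__":
    samples = {
        "whole segment": ipv4(6, TCP_HDR + b"data"),
        "first fragment": ipv4(6, TCP_HDR, mf=True),
        "tiny first fragment": ipv4(6, TCP_HDR[:8], mf=True),
        "later fragment": ipv4(6, b"x" * 16, offset=24),
    }
    for name, pkt in samples.items():
        print(f"{name:20} -> {classify(pkt)}")
```

A filter that neither reassembles nor tracks the first fragment's verdict has only addresses to go on for every `later-fragment-no-ports` packet, so refusing the truncated and overlapping cases and tying later fragments to the first fragment's decision is the defensive behaviour to look for in a product.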