At 01:15 PM 3/5/96 EST, Barney Wolff wrote:
>>At least two fragments are sent. (It may require a third.)
>>A) FO=0 length >= 16 [i.e. A complete header ]
>>B) FO=0, length 8 bytes [i.e. Ports & Sequence number only]
>The key to defeating this is to drop fragment B. While it is strictly
>speaking legal, in practice it's all but certain to be an attack and
>nothing is lost by dropping it.
Paul Ferguson || ||
Consulting Engineering || ||
Reston, Virginia USA |||| ||||
tel: +1.703.716.9538 ..:||||||:..:||||||:..
e-mail: pferguso @
com c i s c o S y s t e m s