Great Circle Associates Firewalls
(November 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Ever seen this in practice??
From: Malcolm Mladenovic <mbm @ fjcomp . com>
Organization: Fujitsu, Bracknell, Berkshire, UK
Date: Thu, 6 Nov 1997 11:14:19 +0000 (GMT)
To: cbrenton @ sover . net
Cc: firewalls @ greatcircle . com
In-reply-to: <345E8D1E . D9F2ABEC @ sover . net> from "Chris Brenton" at Nov 3, 97 09:49:02 pm
Reply-to: mbm @ fjcomp . com (Malcolm Mladenovic) 
> So has anyone actually ever seen this before? If so, how does a firewall
> deal with this type of connection? This would speak volumes to
> inspecting payload. I would assume that a firewall/filter that simply
> makes decisions based upon the data located at a certain offset from the
> preamble field would probably miss this.

Sounds like TMux - RFC 1692.  I don't know what its current status is.
There is a paragraph in the RFC suggesting that non-TMux routers should
be set to block all TMux packets - causing the hosts to fall back to normal.

-Malcolm
Follow-Ups:
References:
Indexed By Date Previous: Cisco config examples
From: anton horvath <hvt @ vie . co . at>
Next: Re: SSL WatchGuard
From: mht @ clark . net
Indexed By Thread Previous: Re: Ever seen this in practice??
From: Bernd Eckenfels <lists @ lina . inka . de>
Next: Re: Ever seen this in practice??
From: Chris Brenton <cbrenton @ sover . net>
Google
 
Search Internet Search www.greatcircle.com