Re: [fw-wiz] A fun smackdown...
From: Don Kendrick (don_at_hawaiidon.com)
Date: 05/22/05
- Previous message: Bill Royds: "RE: [fw-wiz] A fun smackdown..."
- In reply to: Marcus J. Ranum: "Re: [fw-wiz] A fun smackdown..."
- Next in thread: Paul D. Robertson: "Re: [fw-wiz] A fun smackdown..."
To: "Marcus J. Ranum" <mjr@ranum.com>
Date: Sun, 22 May 2005 13:07:02 -0400
It seems every couple years (now almost 7 years) we have a debate about
PMTU. Here we all are in 1998...follow the thread from this post:
http://seclists.org/lists/firewall-wizards/1998/Jun/0021.html
BTW, I stopped ICMP at the border back then and I still stop it today.
Don
On May 21, 2005, at 3:59 PM, Marcus J. Ranum wrote:
> Steven M. Bellovin wrote:
>> Path MTU was standardized in RFC 1191, from November 1990. Virtually no
>> one had firewalls back then. It didn't "ignore existing
>> implementations of security systems" because there were almost none.
>
> I stand corrected on the history of PMTUD.
>
> There weren't a lot of people screening ICMP at that point, either, though
> I believe most routers had the capability to do so.
>
> It stands to reason, then, that PMTUD should be fixed, rather than
> expecting everyone to drop their drawers and grip their ankles for a
> good ICMP'ing.
>
> mjr.
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards