Re: [fw-wiz] Best way to drop forged TCP packets with RST flag set from comcast traffic shaping devices with iptables



On Mon, 7 Apr 2008 19:58:33 -0700
"Chris Smith" <chris.smith@xxxxxxxxxxx> wrote:

Hi all,



I found this while reading Slashdot today, and decided to ask about
it.



http://systems.cs.colorado.edu/mediawiki/index.php/Broadband_Network_Man
agement

Go read it again; they retracted everything because it was their own
NAT box that was sending the RSTs...


--Steve Bellovin, http://www.cs.columbia.edu/~smb
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards