DROP or REJECT FILTERS for fragmented TCP scans

From: Ali Saifullah Khan (saifullah@attitudex.com)
Date: 04/17/03

Next message: Steve.Kirby@sealedair.com: "Re: Zenworks"

Previous message: Quynh Nguyen Anh: "how to discover vulnerability?"
Next in thread: Jon Pastore: "RE: DROP or REJECT FILTERS for fragmented TCP scans"
Reply: Jon Pastore: "RE: DROP or REJECT FILTERS for fragmented TCP scans"
Reply: David Gillett: "RE: DROP or REJECT FILTERS for fragmented TCP scans"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 16 Apr 2003 23:02:15 -0700 (PDT)
From: Ali Saifullah Khan <saifullah@attitudex.com>
To: security-basics@securityfocus.com

How effective ( if affective ) would either IPTABLES REJECT or DROP filters be in the case of fragmented scans where the TCP header is divided over a range of smaller packets ?

Regards,
Ali Saifullah Khan

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Select your own custom email address for FREE! Get you@yourchoice.com w/No Ads, 6MB, POP & more! http://www.everyone.net/selectmail?campaign=tag

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts. The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches. Deadline for the best rates is April 25. Register today to
ensure your place. http://www.securityfocus.com/BlackHat-security-basics
----------------------------------------------------------------------------

Next message: Steve.Kirby@sealedair.com: "Re: Zenworks"

Previous message: Quynh Nguyen Anh: "how to discover vulnerability?"
Next in thread: Jon Pastore: "RE: DROP or REJECT FILTERS for fragmented TCP scans"
Reply: Jon Pastore: "RE: DROP or REJECT FILTERS for fragmented TCP scans"
Reply: David Gillett: "RE: DROP or REJECT FILTERS for fragmented TCP scans"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: interoperability of VPN checkpoint FW1 to ISA
... Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the ... Training features 6 hand-on courses on May 12-13 taught by professionals. ... Register today to ...
(Focus-Microsoft)
RE: interoperability of VPN checkpoint FW1 to ISA
... However, CheckPoint has one little ... Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the ... Training features 6 hand-on courses on May 12-13 taught by professionals. ...
(Focus-Microsoft)
RE: interoperability of VPN checkpoint FW1 to ISA
... If you are not the intended recipient be aware that any ... Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the ... Training features 6 hand-on courses on May 12-13 taught by professionals. ...
(Focus-Microsoft)
RE: Log on the domain
... whether a given user account can be used from the "console" keyboard ... Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the ... Training features 6 hand-on courses on May 12-13 taught by professionals. ...
(Security-Basics)
Re: Zenworks
... Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the ... world's premier event for IT and network security experts. ... Training features 6 hand-on courses on May 12-13 taught by professionals. ...
(Security-Basics)