On Wed, Jul 18, 2001 at 01:10:14PM -0400, Jose Nazario wrote: > a lot of sites block fragments to no great loss of theirs. in this > day and age it's usually not needed. this really depends on your site's normal traffic, and whether you've actually measured enough of it to make a reasonable decision: http://www.caida.org/outreach/papers/pam2001/fragmentation.xml there are better ways to handle fragments at a security gateway than just to drop them - see the OpenBSD packet filter's IP normalization code for details. -d. --- http://www.monkey.org/~dugsong/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 13:50:49 PDT