Could you be more explicit as to which NAT devices support this evasion technique?
All NAT/PAT devices I am familiar with are either complete TCP proxies, in which case they verify the checksum coming in, and then re-calculate it as it goes out, or they only implement the "quick-update" algorithm (RFC 1624 et alia). In the first case, your evil packets get dropped at the first NAT; in the second case, they always have an incorrect checksum.
- On Sun 12/29/02 at 6:44 PM ========================
============== Ed3f [ed3f@overminder.com] spake: =====================
>> Systems Affected
<< snip>>
Received on Mon Dec 30 15:05:13 2002
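The "quick-update" case from the message above, as an added example that is not part of the original post: a NAT that patches the checksum incrementally (RFC 1624, eqn. 3) keeps a valid checksum valid and a wrong checksum wrong. The function names, the simplified packet layout (source address, destination address, remaining bytes) and the addresses are constructed for illustration.

```python
import struct

def fold(x: int) -> int:
    """Fold carries back in (16-bit one's-complement addition)."""
    while x >> 16:
        x = (x & 0xFFFF) + (x >> 16)
    return x

def ones_sum(data: bytes) -> int:
    if len(data) % 2:
        data += b"\x00"  # pad odd-length data, as IP/TCP checksums do
    return fold(sum(w for (w,) in struct.iter_unpack("!H", data)))

def checksum(data: bytes) -> int:
    return ~ones_sum(data) & 0xFFFF

def verifies(covered: bytes, hc: int) -> bool:
    """Receiver check: data plus checksum must sum to 0xFFFF."""
    return fold(ones_sum(covered) + hc) == 0xFFFF

def nat_rewrite(covered: bytes, hc: int, new_src: bytes):
    """Hypothetical NAT: swap the 4-byte source address at offset 0 and
    patch the checksum with RFC 1624 eqn. 3, HC' = ~(~HC + ~m + m'),
    without ever validating the checksum it was handed."""
    acc = ~hc & 0xFFFF
    old = struct.iter_unpack("!H", covered[:4])
    new = struct.iter_unpack("!H", new_src)
    for (m,), (m2,) in zip(old, new):
        acc += (~m & 0xFFFF) + m2
    return new_src + covered[4:], ~fold(acc) & 0xFFFF

def demo():
    # Constructed sample: source, destination, then the rest of the covered bytes.
    covered = bytes([10, 0, 0, 5]) + bytes([192, 0, 2, 10]) + b"constructed segment"
    public_src = bytes([198, 51, 100, 7])
    good = checksum(covered)
    bad = good ^ 0x0001  # deliberately wrong checksum
    out_good = nat_rewrite(covered, good, public_src)
    out_bad = nat_rewrite(covered, bad, public_src)
    return verifies(*out_good), verifies(*out_bad)

if __name__ == "__main__":
    print(demo())
```
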