This is a bit off-topic, but I recall a discussion of using Checkpoint
firewall, and thought I'd share a SANS security newsletter concerning
checkpoint.
"It's possible to use various fragmented packets (such as those generated by
Jolt2.c) to cause the firewall to crash or operate at 100% CPU utilization.
Firewall rules are ineffective for defense. More information is in this
issue as item {00.24.025} ("Check Point FireWall-1 fragmentation DoS")."
I could forward the complete message to anybody interested.
Richard A. Holland
CCNP,MCSE,OpenBSD
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]