turnere wrote:
>
> Buffering of out-of-order
> segments and proper handling of overlapping TCP segments is also required
> if a NIDS is to operate in a reliable fashion. SecureNet PRO does all of
> this.
Just to be really picky and paranoid:
When two TCP segments overlap, how do you know how the receiving host
will handle them? Will it keep the data in the first segment, or will
that data be overwritten by the second segment?
The answer is of course: you can't know.
So how do you handle that situation?
/Mike, curious
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 �RNSK�LDSVIK
Phone: +46 (0)660 29 92 00 Direct: +46 (0)660 29 92 05
Mobile: +46 (0)70 66 77 636 Fax: +46 (0)660 122 50
WWW: http://www.enternet.se/ E-mail: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
