On Monday 02 June 2003 21:24, Dries Schellekens wrote: > ttl Neither side of the connection is allowed to reduce their > IP TTL. An attacker may send a packet such that it reach- > es the firewall, affects the firewall state, and expires > before reaching the destination host. reassemble tcp will > raise the TTL of all packets back up to the highest value > seen on the connection.
This is dangerous. Ed