education."
Priscilla
Oppenheimer To:
[EMAIL PROTECTED]
Subject: RE: MTU and TCP in PIX
[7:61441]
Sent
by:
no
BJ Rice wrote:
>
> Actually the PIX by default will allow fragmented packets.
That's not very nice of it. :-)
> This can be a vulnerability for the PIX. A good policy is to
> enable FragGuard on the PIX. This insures the PIX sees the
> entire seegmented packet before letting it pass through
Actually the PIX by default will allow fragmented packets. This can be a
vulnerability for the PIX. A good policy is to enable FragGuard on the
PIX. This insures the PIX sees the entire seegmented packet before letting
it pass through its outside interface.
Message Posted at:
http://www.group
Xueyan Liu wrote:
>
> Since Priscilla has brought a very good point about
> fragmentation, I'll add my 2 cents. Worked with pix before but
> not an expert. Say PIX does fragment, would the return packet
> be recognized as a valid packet for a previously established
> session?
The return packets s
Since Priscilla has brought a very good point about fragmentation, I'll add
my 2 cents. Worked with pix before but not an expert. Say PIX does fragment,
would the return packet be recognized as a valid packet for a previously
established session?
Xueyan
Message Posted at:
http://www.groupstudy.c
Albert Lu wrote:
>
> Hello Group,
>
> I've had this interesting thing happen with a PIX where tcp
> connection for
> HTTP was established through it however data does not pass
> through
> correctly, since there was no HTTP data being sent through. I
> noticed that
> the MTU for the outside and in
6 matches
Mail list logo