[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] New TCP-stack-exploit a hoax

>> BTW. If i've a stateful inspection of my ip-packets and drop
>> all packets not related to a connection i established such fragmented
>> packets mentioned should not care me ?!? OR am i FALSE ??

>Why? Connection-tracking could be buggy too? ;-)

Thats not what a asked. Assuming conn-track works fine and my
ip-filter decides to drop the package. When will this take place ?
Before defragmenting packet or with defragmented packets,. The 
last case means such an exploit would work.



Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here