On Wed 06/08/2003 at 13:32, Michael K wrote:

> Then I use stateful inspection, accepting established,related.
> However, the nessus scanner is reporting this:
> -----
> The remote host does not discard TCP SYN packets which
> have the FIN flag set.

SYN/FIN packets are valid according to RFC793. The RFC specifies that if RST and ACK are not set, and SYN is set, the packet must be treated as opening a connection without examining other flags.

> Depending on the kind of firewall you are using, an
> attacker may use this flaw to bypass its rules.

Some people say that some firewalls may accept this kind of packet through closed ports. That is not Netfilter's behaviour.

> Should I be worried?

Not with Netfilter.

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE
FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
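The RFC 793 rule cited in the reply above, as an added example that is not part of the original message: a Python sketch of LISTEN-state flag processing, next to a mask/compare test with the semantics of iptables `--tcp-flags` that a filter can use to recognise SYN/FIN. The function names and the sample header are constructed for illustration.

```python
import struct

# TCP control bits (RFC 793, byte 13 of the TCP header)
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
NAMES = {"FIN": FIN, "SYN": SYN, "RST": RST, "PSH": PSH, "ACK": ACK, "URG": URG}


def tcp_flags(header: bytes) -> int:
    """Return the six RFC 793 control bits from a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    return header[13] & 0x3F


def listen_action(flags: int) -> str:
    """RFC 793 'SEGMENT ARRIVES' in LISTEN: check RST, then ACK, then SYN."""
    if flags & RST:
        return "ignore"
    if flags & ACK:
        return "send-rst"
    if flags & SYN:
        return "open"  # FIN, PSH and URG are not examined at this step
    return "drop"


def _bits(spec: str) -> int:
    """Turn a comma-separated flag list such as 'SYN,FIN' into a bitmask."""
    return sum(NAMES[name] for name in spec.split(",") if name)


def flags_match(flags: int, mask: str, comp: str) -> bool:
    """True when, of the flags listed in mask, exactly those in comp are set."""
    return (flags & _bits(mask)) == _bits(comp)


def make_header(flags: int, sport: int = 40000, dport: int = 80) -> bytes:
    """Constructed sample: minimal 20-byte TCP header without options."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, flags, 8192, 0, 0)


if __name__ == "__main__":
    for label, f in [("SYN", SYN), ("SYN/FIN", SYN | FIN), ("SYN/ACK", SYN | ACK)]:
        seen = tcp_flags(make_header(f))
        print(label, listen_action(seen), flags_match(seen, "SYN,FIN", "SYN,FIN"))
```

A SYN/FIN segment yields "open" in the LISTEN model, which is the RFC behaviour the reply describes, while the `SYN,FIN` mask/compare test singles it out from an ordinary SYN.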