Re: tcp conn tracking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: tcp conn tracking
From: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Date: Mon, 15 Jan 2007 17:59:48 +0100 (MET)
Cc: netfilter@xxxxxxxxxxxxxxxxxxx, Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
In-reply-to: <25296252.199981168880240692.JavaMail.root@xxxxxxxxxxxxxxxxxxxxxxx>
References: <25296252.199981168880240692.JavaMail.root@xxxxxxxxxxxxxxxxxxxxxxx>

>So, ftp connection tracking doesn't work always. Just curious about 
>what is the rationale for such a solution? Is it assumed that if the 
>packet with PORT command is fragmented someone is deliberatly attacking 
>the system?

Yes you can assume that. FTP commands are usually not that long to not 
fit into a small packet.


	-`J'
--

Follow-Ups:
- Re: tcp conn tracking
  - From: Anil Gunturu

References:
- Re: tcp conn tracking
  - From: Anil Gunturu

Prev by Date: Re: tcp conn tracking
Next by Date: Re: tcp conn tracking
Previous by thread: Re: tcp conn tracking
Next by thread: Re: tcp conn tracking
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux