Bugtraq mailing list archives
Re: Ambiguities in TCP/IP - firewall bypassing
From: Alun Jones <alun () texis com>
Date: Fri, 18 Oct 2002 16:28:25 -0500
At 03:55 PM 10/18/2002, Benjamin Krueger wrote:
> One could also make a case for continuing to abide by the cardinal rule "Be permissive in what you accept, and strict in what you send". Tough call, but it's difficult to justify describing stacks that are permissive as "highly bogus" or "lazy" given that being permissive in what you accept is an established notion.
If a usage makes any kind of sense, then it has usually been allowed.
> Compliant by the letter, if questionably in spirit. I'm not aware of any tcp client systems that would send SynFin in the real world, so a stack that responded with RST could arguably be "more" correct (for example).
Not necessarily. Have you heard of T/TCP? Before that was around, I remember hearing discussion of using a packet with SYN, FIN, and data all in one, to cut down on round-trips in really short communications, while still providing reliability.
One of the lessons you learn when writing / reading RFC material is that "there are more things on heaven and earth, Horatio, than are dreamt of in your philosophy" (or thereabouts). Just because _you_ don't see a use for a feature, that doesn't mean to say that someone else won't / can't, and specifically, it isn't usually worth limiting a protocol for the rather arbitrary reason that you can't see how a feature would be used.
Alun.
~~~~
--
Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place   | http://www.wftpd.com or email alun () texis com
Cedar Park TX 78613-1419  | VISA/MC accepted. NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.
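The disagreement this thread is about, as an added example that is not part of the original post: a check that accepts only a bare SYN as a connection request and a permissive receiver that looks only at the SYN, ACK and RST bits reach different verdicts on SYN+FIN. Both predicates are hypothetical models written for illustration, not the behaviour of any named firewall or stack, and the headers are constructed sample data.

```python
import struct

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10

def build_header(flags, sport=40000, dport=21):
    """Constructed 20-byte TCP header (no options); ports are sample values."""
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | flags, 8192, 0, 0)

def tcp_flags(segment):
    """Extract the six classic flag bits from a raw TCP header."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    # Bytes 12-13 carry the data offset (top 4 bits) and the flag bits.
    (offset_flags,) = struct.unpack_from("!H", segment, 12)
    if (offset_flags >> 12) < 5:
        raise ValueError("data offset shorter than the minimum header")
    return offset_flags & 0x3F

def exact_match_is_open(flags):
    """Hypothetical strict check: only a bare SYN counts as a connection request."""
    return flags == SYN

def permissive_is_open(flags):
    """Hypothetical permissive receiver: SYN set, ACK and RST clear, other bits ignored."""
    return (flags & (SYN | ACK | RST)) == SYN

def classify(segment):
    """Report whether the two views agree on a segment."""
    flags = tcp_flags(segment)
    if not permissive_is_open(flags):
        return "not-a-connection-request"
    if exact_match_is_open(flags):
        return "connection-request"
    # The two views disagree here (e.g. SYN+FIN): a candidate for logging or dropping.
    return "ambiguous-connection-request"

if __name__ == "__main__":
    for f in (SYN, SYN | FIN, SYN | ACK, FIN | ACK):
        print(f"flags=0x{f:02x} -> {classify(build_header(f))}")
```

A filter and the host behind it need to agree on which of these verdicts opens a connection; the "ambiguous" case is where they can differ.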