Re: Ambiguities in TCP/IP - firewall bypassing

[Alun Jones <alun () texis com>]

At 03:55 PM 10/18/2002, Benjamin Krueger wrote:
>   One could also make a case for continuing to abide by the cardinal
> rule "Be permissive in what you accept, and strict in what you send".
> Tough call, but its difficult to justify describing stacks that are
> permissive as "highly bogus" or "lazy" given that being permissive in
> what you accept is an established notion.

If a usage makes any kind of sense, then it has usually been allowed.

> Compliant by the letter, if questionably in spirit. I'm not aware of any
> tcp client systems that would send SynFin in the real world, so a stack
> that responded with RST could arguably be "more" correct (for example).

Not necessarily.  Have you heard of T/TCP?  Before that was around, I 
remember hearing discussion of using a packet with SYN, FIN, and data all 
in one, to cut down on round-trips in really short communications, while 
still providing reliability.

One of the lessons you learn when writing / reading RFC material is that 
"there are more things on heaven and earth, Horatio, than are dreamt of in 
your philosophy" (or thereabouts).  Just because _you_ don't see a use for 
a feature, that doesn't mean to say that someone else won't / can't, and 
specifically, it isn't usually worth limiting a protocol for the rather 
arbitrary reason that you can't see how a feature would be used.

Alun.
~~~~

--
Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place   | http://www.wftpd.com or email alun () texis com
Cedar Park TX 78613-1419  | VISA/MC accepted.  NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.