Re: hotmail not dealing with ECN

David Wagner (daw@mozart.cs.berkeley.edu)
27 Jan 2001 04:10:48 GMT


Helge Hafting wrote:
>So, no reason for a firewall author to check these bits.

You don't think like a firewall designer! :-)

Practice being really, really paranoid. Think: You're designing a
firewall; you've got some reserved bits, currently unused; any future code
that uses them could behave in completely arbitrary and insecure ways,
for all you know. Now recall that anything not known to be safe should
be denied (in a good firewall) -- see Cheswick and Bellovin for why.
When you take this point of view, it is completely understandable why
firewalls designed before ECN was introduced might block it.
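
The default-deny reasoning above, written out as an added example that is not part of the original post or any real firewall's code: a filter that only accepts TCP header bits it knows drops an ECN-setup SYN, because ECN uses two bits (ECE and CWR) that RFC 793 left reserved. The `policy` struct, function name and sample segments are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Byte offsets and masks within the TCP header (RFC 793 layout). */
#define TCP_OFF_RSVD  12    /* high nibble: data offset, low nibble: reserved */
#define TCP_OFF_FLAGS 13
#define TCP_RSVD_LOW  0x0F  /* four reserved bits in byte 12 */
#define TCP_FLAG_ECE  0x40  /* reserved in RFC 793, ECN-Echo in RFC 3168 */
#define TCP_FLAG_CWR  0x80  /* reserved in RFC 793, CWR in RFC 3168 */

enum verdict { VERDICT_DROP = 0, VERDICT_ACCEPT = 1 };

/* Hypothetical policy: the flag bits in byte 13 the filter author knows to be safe. */
struct policy { uint8_t known_flag_bits; };

/* A pre-ECN filter knows only URG/ACK/PSH/RST/SYN/FIN; an ECN-aware one adds ECE/CWR. */
static const struct policy PRE_ECN_POLICY   = { 0x3F };
static const struct policy ECN_AWARE_POLICY = { 0x3F | TCP_FLAG_ECE | TCP_FLAG_CWR };

/* Default deny: any bit not known to be safe causes a drop. */
enum verdict check_tcp_reserved(const uint8_t *tcp, size_t len, const struct policy *p)
{
    if (tcp == NULL || len < 20)                 /* shorter than a minimal TCP header */
        return VERDICT_DROP;
    if (tcp[TCP_OFF_RSVD] & TCP_RSVD_LOW)        /* reserved bits in byte 12 set */
        return VERDICT_DROP;
    if (tcp[TCP_OFF_FLAGS] & (uint8_t)~p->known_flag_bits)  /* unknown flag bits set */
        return VERDICT_DROP;
    return VERDICT_ACCEPT;
}

/* Constructed samples: 20-byte SYN to port 25; checksum left as zero. */
static const uint8_t SYN_PLAIN[20] = { 0x04,0x00, 0x00,0x19, 0,0,0,1, 0,0,0,0,
                                       0x50, 0x02, 0x16,0xd0, 0,0, 0,0 };
/* Same SYN with ECE and CWR set, as an ECN-capable sender would mark it. */
static const uint8_t SYN_ECN[20]   = { 0x04,0x00, 0x00,0x19, 0,0,0,1, 0,0,0,0,
                                       0x50, 0xC2, 0x16,0xd0, 0,0, 0,0 };

int main(void)
{
    printf("plain SYN, pre-ECN policy:   %d\n",
           check_tcp_reserved(SYN_PLAIN, sizeof SYN_PLAIN, &PRE_ECN_POLICY));
    printf("ECN SYN,   pre-ECN policy:   %d\n",
           check_tcp_reserved(SYN_ECN, sizeof SYN_ECN, &PRE_ECN_POLICY));
    printf("ECN SYN,   ECN-aware policy: %d\n",
           check_tcp_reserved(SYN_ECN, sizeof SYN_ECN, &ECN_AWARE_POLICY));
    return 0;
}
```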