Re: Kerio 2.1.5: handling fragmented packets
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Kerio 2.1.5: handling fragmented packets

From: Ansgar -59cobalt- Wiechers <usenet-2005@planetcobalt.net>
Date: Tue Dec 20 2005 - 15:05:40 CET



Volker Birk wrote:


> Ric <me@privacy.net> wrote:


>> If an incoming connection is fragmented Kerio will accept it. Then it


>> will allow all traffic in both directions on that connection. Kerio


>> is supposed to be a packet filter and it can't filter fragmented


>> packets.


> 


> Oh-my-FSM. It's even getting worse ;-) Is this true for all Kerio


> versions?



AFAIK only for Kerio 2.x which is out of development (and support) for


several years now.



cu


59cobalt



-- 
"Der Computer ist da, um zu rechnen, nicht um Ausreden wie 'Kann nicht
durch Null teilen' auf den Bildschirm zu schreiben."
--Marco Haschka in de.org.ccc


Received on Fri Dec 23 20:08:30 2005