[c-nsp] SYN FIN and 2611...
Jeff Johnson
jeff at comfrey.net
Fri Sep 10 14:55:16 EDT 2004
Hey all,
In my ongoing efforts to lock down a particular network nessus has been
quite helpful as well as the contributors to this list.
one thing i have been unable to find an answer to is the SYN FIN issue
detailed below. Is this something that can be addressed by the packet
filter on a 2600xm, or should i address it at per system?
. Warning found on port general/tcp
The remote host does not discard TCP SYN packets which
have the FIN flag set.
Depending on the kind of firewall you are using, an
attacker may use this flaw to bypass its rules.
Thanks in advance.
Jeff
More information about the cisco-nsp
mailing list