[c-nsp] Stop IP Fragmentation attck
Roland Dobbins
rdobbins at arbor.net
Tue Apr 26 08:58:18 EDT 2016
On 26 Apr 2016, at 19:49, Satish Patel wrote:
> I told you believe me we have very isolated network for each service.
You're very argumentative for someone asking strangers on the Internet
for assistance, heh. Especially when your initial query was easily
answered with a 4-second search-engine query.
If you're satisfied with your network setup and confident blocking all
UDP non-initial fragments, great. This is generally a Very Bad Idea,
and the commentary in this vein was meant to ensure that you had all the
relevant information when making such a decision.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the cisco-nsp
mailing list