On Jan 6, 2010, at 4:07 AM, Mark Foster wrote:
> I'm interested by this assertion; surely Stateful Inspection is meant to facilitate the blocking of out-of-sequence packets, ones which aren't part of valid + recognised existing sessions - whilst of course allowing valid SYN session-starters, etc?
> So thus, there may still be some value in catching 'injected' packets which don't actually belong in a session... ?
Nope - the hosts handle this better on their own.
> Some might argue that DoS is preferred to the other degrees of risk that many webservers hold... (trying not to point the finger in any one specific direction.)
Except that the firewalls don't mitigate any of the other degrees of risk, either.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>

Injustice is relatively easy to bear; what stings is justice.

-- H.L. Mencken