22 Feb
2003
22 Feb
'03
11:47 a.m.
BB> DNS clients will eventually timeout and fall back to another BB> server, so any problems would be transient, but the packets BB> were legit, right?
Stateful packet filters are nice. Properly written, they protect both inbound and outbound traffic and need to track very little state.
Stateful packet filtering by C sitting between A and B is fallacy since in order for C to make an intelligent decision it may need to know the details of every possible communication protocol used by A and B. Alex