packets with syn/fin vs pf_norm.c
Garrett Wollman
wollman at csail.mit.edu
Sun Jul 3 02:14:10 GMT 2005
<<On Sun, 03 Jul 2005 00:06:37 +0200, Jesper Wallin <jesper at www.hackunite.net> said:
> First of all, I know that not dropping SYN/FIN isn't really a big deal, it
> just makes no sense. But since it doesn't make any sense, I don't see
> the reason why not to discard them.
Perhaps because you are under the erroneous impression that such
packets are nonsensical.
-GAWollman
More information about the freebsd-security
mailing list