How should a firewall process fragmentation flags?
What will be an ideal response?
Fragmentation of IP packets isn't bad in theory. Fragmentation was originally developed as a means of enabling large packets to pass through early routers that had frame size limitations. Routers were able to divide packets into multiple fragments and send them along the network, where receiving routers would reassemble them in the correct order and pass them to their destination. The problem with fragmentation is that because the TCP or UDP port number is provided only at the beginning of a packet, it appears only in fragments numbered 0. Fragments numbered 1 or higher pass through the filter because they don't contain any port information. All an attacker has to do is modify the IP header to start all fragment numbers of a packet at 1 or higher. To be safe, you should have the firewall reassemble fragmented packets before making the admit/drop decision.