> Check protocol (TCP/UDP/ICMP/ICMP6) checksums of all incoming packets, > and drop packets with invalid checksums. Without such a check, pf would > return RST/ICMP errors even for packets with invalid checksums, which > could be used to detect the presence of the firewall, reported by > "Ed White" in http://www.phrack.org/phrack/60/p60-0x0c.txt.The link above is broken, please go to http://www.phrack.org/issues.html?issue=60&id=12#article, very intersting reading.
Wednesday, May 30, 2007
Interesting OpenBSD commits
http://www.undeadly.org/cgi?action=article&sid=20070528213858 Especially this comment:
- ▼ May (3)