[e2e] CERT/CC Vulnerability Note VU#464113
Spencer Dawkins
spencer_dawkins at yahoo.com
Wed Dec 3 11:03:59 PST 2003
Hi, Rick,
I presume when you asked
> Is it me, or does this seem to be just a little bit off as to
> where the problem
> lies and thus what aught to be patched?
>
> http://www.kb.cert.org/vuls/id/464113
You referred to
If a vendor patch is not available for your TCP
implementation (and even if one is), you may wish to:
...
o not use routable IP space except inside your DMZ
...
I find this amazing... apparently the problem is that some
network administrators still violate the "end-to-middle
principle" by using routable addresses in their networks?!?!
Spencer
More information about the end2end-interest
mailing list