RFC 3514 proposes to make the job of network enforcement appliances much simpler by flagging network packets related to a malicious intent with a security flag. The flag simply allows a 0 or a 1 bit to be set where zero indicates the packet has no evil intent. If the bit is set to 1, the packet has evil intent. Secure systems SHOULD try to defend themselves against such packets. Insecure systems MAY chose to crash, be penetrated, etc.
If you are a security conscious network engineer or administrator and utilise Wireshark to analyse packets you can enable this security flag interpreter under the IPv4 settings of Wireshark. Look for "Interpret Reserved flag as Security flag (RFC 3514)".
Comments
|
WifiHaxWe build and optimise networks. Continuous learning is our secret to being good. Along the learning journey we will share things here... Archives
May 2024
Categories
All
|