wg-multicast - Re: PIM on Checkpoing Firewall?
Subject: All things related to multicast
List archive
- From: Dan Pritts <>
- To: Stig Venaas <>
- Cc: Tim Chown <>, "Sanchez, Juan (District)" <>,
- Subject: Re: PIM on Checkpoing Firewall?
- Date: Wed, 24 Jan 2007 11:37:21 -0500
On Wed, Jan 24, 2007 at 04:31:20PM +0100, Stig Venaas wrote:
> Is a firewall for multicast really needed? Would it be bad to just let
> all multicast UDP packets to high ports through?
Imagine a situation where IGMP snooping has broken (i'm sure this will be
difficult to imagine), and a multicast stream that one user has requested
to contains an exploit against some known hole in some other service.
If i were the sort to firewall my network against unicast i would certainly
firewall it against multicast.
danno
--
Dan Pritts, System Administrator
Internet2
office: +1-734-352-4953 | mobile: +1-734-834-7224
- PIM on Checkpoing Firewall?, Chris Spears, 01/22/2007
- Re: PIM on Checkpoing Firewall?, Tim Chown, 01/24/2007
- RE: PIM on Checkpoing Firewall?, Sanchez, Juan (District), 01/24/2007
- Re: PIM on Checkpoing Firewall?, Tim Chown, 01/24/2007
- Re: PIM on Checkpoing Firewall?, Stig Venaas, 01/24/2007
- Re: PIM on Checkpoing Firewall?, Dan Pritts, 01/24/2007
- Re: PIM on Checkpoing Firewall?, Stig Venaas, 01/24/2007
- Re: PIM on Checkpoing Firewall?, Tim Chown, 01/24/2007
- RE: PIM on Checkpoing Firewall?, Sanchez, Juan (District), 01/24/2007
- Re: PIM on Checkpoing Firewall?, Anibal Vega-Montijo, 01/24/2007
- Re: PIM on Checkpoing Firewall?, Tim Chown, 01/24/2007
Archive powered by MHonArc 2.6.16.