2005-08-13, 14:48
To determine whether a fragmented packet should be allowed, FireWall-1 holds all fragments it receives until it has them all and assembles them in memory. If the assembled packet would normally pass, FireWall-1 passes the packet, but it sends out the packet as it received it: fragmented (hence the term virtual defragmentation). If FireWall-1 does not receive all the fragments for the packet, or the fragment table fills up, as occurs with fragmentation-based Denial of Service attacks that send malformed packet fragments, then FireWall-1 drops the fragments and does not forward them.

-- PhoneBoy - 08 Jan 2004
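As an added illustration (this is not FireWall-1 code and not part of the FAQ entry above), a small Python model of the virtual defragmentation just described: fragments are held per (source, destination, IP ID), reassembled only in memory so the policy can judge the whole datagram, and the original fragments are then forwarded untouched; an incomplete set is held, and a set that overruns the length fixed by its last fragment, or that arrives while the fragment table is full, is dropped. The `policy` callback, the `max_sets` table size and the fragment layout are assumptions for the model.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

@dataclass
class Fragment:
    src: str
    dst: str
    ident: int      # IP identification field shared by all fragments of one datagram
    offset: int     # byte offset of this piece within the original datagram
    more: bool      # MF flag: True for every fragment except the last
    data: bytes

class VirtualDefragmenter:
    """Hold fragments per (src, dst, id), reassemble only in memory to consult the policy."""

    def __init__(self, policy: Callable[[str, str, bytes], bool], max_sets: int):
        self.policy = policy        # rule-base decision on the reassembled datagram (assumed)
        self.max_sets = max_sets    # capacity of the fragment table (assumed)
        self.table: Dict[Tuple[str, str, int], List[Fragment]] = {}

    def receive(self, frag: Fragment) -> Tuple[str, List[Fragment]]:
        key = (frag.src, frag.dst, frag.ident)
        if key not in self.table and len(self.table) >= self.max_sets:
            return "drop", []       # table full: a new set cannot be tracked
        frags = self.table.setdefault(key, [])
        frags.append(frag)
        status, datagram = reassemble(frags)
        if status == "incomplete":
            return "hold", []       # wait for the rest; nothing leaves yet
        del self.table[key]         # complete or malformed: release the slot
        if status == "malformed" or not self.policy(frag.src, frag.dst, datagram):
            return "drop", []
        return "forward", frags     # the fragments as received, not the reassembled copy

def reassemble(frags: List[Fragment]) -> Tuple[str, bytes]:
    """Rebuild the datagram: 'incomplete' (holes/no last piece), 'malformed' (overrun)."""
    last = [f for f in frags if not f.more]
    if not last:
        return "incomplete", b""
    total = last[0].offset + len(last[0].data)   # the MF=0 fragment fixes the length
    buf, covered = bytearray(total), bytearray(total)
    for f in frags:
        end = f.offset + len(f.data)
        if end > total:
            return "malformed", b""   # a piece claims bytes past the datagram end
        buf[f.offset:end] = f.data
        covered[f.offset:end] = b"\x01" * len(f.data)
    if not all(covered):
        return "incomplete", b""
    return "complete", bytes(buf)
```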

