|
|
|
|
|
|
by jaimex2
2282 days ago
|
|
|
I work in the DPI field and have maintained a few DPI firewalls. Most DPI that I know of will defeat this bypass technique, I'm not sure the author has even tested if it works. DPI firewalls already have to support aggregating packets. It's pretty common to need more information beyond the initial packet. It's not really any more memory intensive either, you're just reading byte by byte and keeping what you need. Heck most DPI firewalls support checking something in the outbound packets is in the inbound packets. ie - checking if a connection is performing IKE. |
|
|