|
|
|
|
|
|
by TechBro8615
1100 days ago
|
|
|
If you're a firewall vendor, it seems like a no-lose situation to drop packets with the evil bit. Either someone's experimenting like in this blog post, and you look cool because you implemented an April Fool's RFC, or someone is actually sending malicious packets, and you look like a competent firewall. Imagine if you didn't drop the packets with the evil bit, and a hacker thinks it's funny to add the bit to their packets while they're exploiting some unrelated vulnerability in your software. The post-mortems and exploit writeups would make you look incompetent - "this firewall vendor can't even stop packets that announce their evil intentions!" |
|
|