hi..
i remember distinctly learning at some point that there is a TTL = 1 based attack on a packet-filtering firewall. I cant seem to recall how it worked out.. i researched it online and i m not talking about port scanning with ttl = 1.. lets say that a user does not have access to some file behind the firewall.. how does changing the TTL = 1 give the user acceess to those certain restricted files?
and by chaing the rules of the firewall to dropping all packets below a certain TTL, lets say x, help thwart the attack..? and how to remedy the situation? will using a circuit level or applicatoin level firewall help?
help is mucha appreciated.
cheers,