At 10:34 29/9/95 -0500, you wrote:
>Per Anton J Aylward <anton @
>>Re your quote: I don't see what packet re-assembly and altency has to do
>>with the trafic being unprotected.
>>Even if your data was in a single packet it could still be hijacked, cloned
>I believe that the initial quote is not talking about the switches
>themselves, but just to the IP traffic which comes via ATM; the
>company, which obviously has a product to sell and may be skewing
>reality a bit, seems to claim that ordinary IP firewalls need the whole
>IP packet, requiring reassembly.
>ATM packets are small and fixed sized -- 5 bytes header and 48 bytes
>payload. Don't recall details of what I read about IP over ATM (... ),
> but I assume that the IP packets are spread among several
>ATM packets, rather than using IP fragmentation and having an entire IP
>packet, albeit a fragment, in each tiny ATM packet. (Corrections
That fits in with what I know about ATM.
However, if IP can fragment and re-assemble, and if TCP can hold onto packets
and do retries so it can get them in order, and this doesn't send people
then why should ATM ??
Anton J Aylward
The Strahn and Strachan Group Inc
Information Security Consultants
Voice: (416) 494-8661 Fax: (416) 494-8803