Block certain UDP packets based on length

  • Question

  • Hi

    On Linux I'm able to block certain UDP packets based on length. I know that on Windows it's not possible, but there's probably a workaround or external software I can use. I've been looking for this kind of software for months and I really need it. I hope that you can help me.

    Friday, February 24, 2012 7:01 PM

Answers

  • Depends on the network equipment in use. If you are using Cisco devices, you could use a route map that matches based on length and an ACL that matches UDP traffic. As far as Windows goes, I do not think there is a native way to filter based on packet length. This sounds more like a workaround for something else; why do you need to filter packets based on length?
    • Edited by Mike Burr Monday, February 27, 2012 2:29 AM
    • Proposed as answer by Aiden_Cao Thursday, March 1, 2012 1:48 AM
    • Marked as answer by Aiden_Cao Friday, March 2, 2012 1:36 AM
    Monday, February 27, 2012 2:27 AM
  • I know that in Zone Alarm you can make a rule that if the UDP packet length doesn't match the real packet length it drops it, but I haven't seen the setting for only the length of the packet.

    But like Mike asked, I wonder too why you need to filter such a thing, as by default UDP is rarely forwarded from the WAN->LAN. Thus it would only check against your own computers in your LAN.


    MCP | MCTS 70-236: Exchange Server 2007, Configuring


    • Edited by Yagmoth555MVP Monday, February 27, 2012 4:42 AM
    • Proposed as answer by Aiden_Cao Thursday, March 1, 2012 1:48 AM
    • Marked as answer by Aiden_Cao Friday, March 2, 2012 1:36 AM
    Monday, February 27, 2012 4:41 AM
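
The two checks discussed in this thread, a block rule on packet length and the header-versus-real-length mismatch check, written out as decision logic in Python. This is an added example, not code from any poster and not a Windows or Zone Alarm feature; the function names, addresses and ports are constructed, and it assumes unfragmented IPv4 with length measured as the IP total length.

```python
import struct

UDP_PROTO = 17


def build_ipv4_udp(payload, claimed_udp_len=None):
    """Constructed sample: IPv4 header (no options) + UDP header + payload.

    Checksums are left at zero; claimed_udp_len lets a sample lie about its length.
    """
    udp_len = 8 + len(payload) if claimed_udp_len is None else claimed_udp_len
    udp = struct.pack("!HHHH", 40000, 9999, udp_len, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                     UDP_PROTO, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return ip + udp


def verdict(packet, block_min, block_max):
    """Return 'DROP' or 'ACCEPT' for one raw IPv4 packet.

    block_min..block_max is the inclusive range of IP total lengths to block.
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "DROP"                      # too short or not IPv4
    if packet[9] != UDP_PROTO:
        return "ACCEPT"                    # the rule only concerns UDP
    ihl = (packet[0] & 0x0F) * 4           # IP header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total_len > len(packet) or total_len < ihl + 8:
        return "DROP"                      # no room for a full UDP header
    udp_len = struct.unpack("!H", packet[ihl + 4:ihl + 6])[0]
    if udp_len != total_len - ihl:
        return "DROP"                      # UDP length field disagrees with real length
    if block_min <= total_len <= block_max:
        return "DROP"                      # length-based block rule
    return "ACCEPT"


if __name__ == "__main__":
    samples = {
        "32-byte payload": build_ipv4_udp(b"A" * 32),
        "100-byte payload": build_ipv4_udp(b"B" * 100),
        "lying UDP length": build_ipv4_udp(b"C" * 100, claimed_udp_len=20),
    }
    for name, pkt in samples.items():
        print(name, len(pkt), verdict(pkt, 60, 70))
```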
