Striek,

You mentioned that

"ipchains can be configured to not allow a packet fragment if its offset is not set to be the end of the previous packet. In this manner, the port field cannot be overwritten"

Would it be possible then, to configure IPchains to allow this sort of attack? As I said I am interested in setting this vulnerability/attack up in my own lab for research purposes. I have never used ipchains however (Only iptables), so I dont know what the possibilities are.

If this could be done (configuring IPchains to allow this sort of attack), that would be great (well, for research anyways!)

Thanks.