Re: [fw-wiz] FW and TCP Sessions

From: backup (backup_at_roc.co.in)
Date: 06/01/04

Next message: Jim Seymour: "RE: [fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)"

Previous message: Paul D. Robertson: "RE: [fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)"
In reply to: Manoj Kumar Neelapareddy: "[fw-wiz] FW and TCP Sessions"
Next in thread: cs 2004: "Re: [fw-wiz] FW and TCP Sessions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Manoj Kumar Neelapareddy <manojkreddyutl@yahoo.com>
Date: Tue, 01 Jun 2004 18:43:38 +0530

Manoj Kumar Neelapareddy wrote:

>Hi,
>
>if a FW is said to be a stateful firewall, then will
>it allow a TCP packet to pass through it(outbound), if
>i haven't sent a TCP SYN to initiate a TCP Session
>before sending this TCP packet?
>
>I heard that Statefull firewall won't allow any TCP
>packets, other than TCP SYNs to pass through it, if
>there is no session corresponding a TCP packet is
>maintained in FW's session table.
>
>and FW will create a new session only when it detects
>a TCP SYN.
>
>is this correct?
>
>comments plz.
>
NO, It wont allow until you have a policy configured. Policies are based
on 5 tuples
source IP, Destination IP, Source port, destination port and Protocol.
Again the polices are of two types- Inbound and outbound.
Depending up on the configured policy the traffic passes thro whether
its inbound or outbound.
Cheers,
-Ravi
ROCSYS Technologies Ltd.,
http://www.rocsys.com

>
>thank u
>Manoj
>
>
>
>
>__________________________________
>Do you Yahoo!?
>Friends. Fun. Try the all-new Yahoo! Messenger.
>http://messenger.yahoo.com/
>_______________________________________________
>firewall-wizards mailing list
>firewall-wizards@honor.icsalabs.com
>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
>
>

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Jim Seymour: "RE: [fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)"

Previous message: Paul D. Robertson: "RE: [fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)"
In reply to: Manoj Kumar Neelapareddy: "[fw-wiz] FW and TCP Sessions"
Next in thread: cs 2004: "Re: [fw-wiz] FW and TCP Sessions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[fw-wiz] FW and TCP Sessions
... if a FW is said to be a stateful firewall, ... i haven't sent a TCP SYN to initiate a TCP Session ... before sending this TCP packet? ...
(Firewall-Wizards)
Re: [fw-wiz] FW and TCP Sessions
... > if a FW is said to be a stateful firewall, ... > i haven't sent a TCP SYN to initiate a TCP Session ... > before sending this TCP packet? ...
(Firewall-Wizards)
Re: TCP socket - how to get rid?
... > TCP packet that can be sent to the signaling a close. ... Yes, theoretically it is possible to sent to peer a packet imitating normal TCP CLOSE, ... Who will set the state of TCP socket in the kernel to FIN-WAIT-1? ...
(comp.os.linux.networking)
Re: ipfw: reset tcp
... E>>> When a rule 'reset tcp' matches, a kernel generates new TCP packet. ... E>> ipfw2 uses an mbuf flag to bypass the firewall - I am not sure if i ...
(freebsd-net)
Re: Accessing raw TCP packet payload data
... As has already been mentioned you can use raw sockets etc to access this ... a TCP packet, using .NET. ... fit inside a single TCP packet. ... Chris Crowther ...
(microsoft.public.dotnet.general)