Re: [fw-wiz] FW and TCP Sessions

From: backup (backup_at_roc.co.in)
Date: 06/01/04

  • Next message: Jim Seymour: "RE: [fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)"
    To: Manoj Kumar Neelapareddy <manojkreddyutl@yahoo.com>
    Date: Tue, 01 Jun 2004 18:43:38 +0530
    
    

    Manoj Kumar Neelapareddy wrote:

    >Hi,
    >
    >if a FW is said to be a stateful firewall, then will
    >it allow a TCP packet to pass through it(outbound), if
    >i haven't sent a TCP SYN to initiate a TCP Session
    >before sending this TCP packet?
    >
    >I heard that Statefull firewall won't allow any TCP
    >packets, other than TCP SYNs to pass through it, if
    >there is no session corresponding a TCP packet is
    >maintained in FW's session table.
    >
    >and FW will create a new session only when it detects
    >a TCP SYN.
    >
    >is this correct?
    >
    >comments plz.
    >
    NO, It wont allow until you have a policy configured. Policies are based
    on 5 tuples
    source IP, Destination IP, Source port, destination port and Protocol.
    Again the polices are of two types- Inbound and outbound.
    Depending up on the configured policy the traffic passes thro whether
    its inbound or outbound.
    Cheers,
    -Ravi
    ROCSYS Technologies Ltd.,
    http://www.rocsys.com

    >
    >thank u
    >Manoj
    >
    >
    >
    >
    >__________________________________
    >Do you Yahoo!?
    >Friends. Fun. Try the all-new Yahoo! Messenger.
    >http://messenger.yahoo.com/
    >_______________________________________________
    >firewall-wizards mailing list
    >firewall-wizards@honor.icsalabs.com
    >http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    >
    >
    >

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Jim Seymour: "RE: [fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)"

    Relevant Pages

    • [fw-wiz] FW and TCP Sessions
      ... if a FW is said to be a stateful firewall, ... i haven't sent a TCP SYN to initiate a TCP Session ... before sending this TCP packet? ...
      (Firewall-Wizards)
    • Re: [fw-wiz] FW and TCP Sessions
      ... > if a FW is said to be a stateful firewall, ... > i haven't sent a TCP SYN to initiate a TCP Session ... > before sending this TCP packet? ...
      (Firewall-Wizards)
    • FreeBSD-SA-14:08.tcp has nothing to do with tcp fragments!
      ... The Transmission Control Protocol (TCP) of the TCP/IP protocol suite ... segment list when the reassembly queue reaches its limit. ... *fragments*, that is, a given TCP packet that was too big for the ... But the advisory never mentioned TCP fragments - the issue is about ...
      (FreeBSD-Security)
    • Re: TCP socket - how to get rid?
      ... > TCP packet that can be sent to the signaling a close. ... Yes, theoretically it is possible to sent to peer a packet imitating normal TCP CLOSE, ... Who will set the state of TCP socket in the kernel to FIN-WAIT-1? ...
      (comp.os.linux.networking)
    • Re: Accessing raw TCP packet payload data
      ... As has already been mentioned you can use raw sockets etc to access this ... a TCP packet, using .NET. ... fit inside a single TCP packet. ... Chris Crowther ...
      (microsoft.public.dotnet.general)