RE: Packets with TCP flags set



Do you have a real firewall, or do you rely on router access lists to
filter traffic?

I ask because any of these will probably meet an ACL "established"
condition and be
treated as an already-filtered connection when in fact it might be one
another rule is
intended to block.

David Gillett
CISSP CCNP


-----Original Message-----
From: .\lgp [mailto:lgpmsec@xxxxxxxxx]
Sent: Sunday, September 13, 2009 3:46 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Packets with TCP flags set

Hi list,

I have a host that responds to a TCP SYN packet with at least
one of the following flags set with a SYN ACK packet: RST,
FIN, ACK, FIN|PSH. Two questions come to mind:
1- is this a bad thing? If so, why?
2- how to mitigate this issue?

Thank you,
Lgp.


--------------------------------------------------------------
----------
Securing Apache Web Server with thawte Digital Certificate In
this guide we examine the importance of Apache-SSL and who
needs an SSL certificate. We look at how SSL works, how it
benefits your company and how your customers can tell if a
site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache
web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management
of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;
e13b6be442f727d1
--------------------------------------------------------------
----------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Relevant Pages

  • Re: server security
    ... This is a basic web server that runs email, web and a couple other things. ... He that will not reason is a bigot; he that cannot reason is a fool; he that ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: server security
    ... It doesn't really reduce your risk, ... This is a basic web server that runs email, web and a couple other things. ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: Linux or Unix distribution for network sniffing
    ... packet capture seriously. ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: About to start PWB - Any =?UTF-8?Q?tips=3F?=
    ... The OSCP is a 3 stage ... >> Securing Apache Web Server with thawte Digital Certificate ... >> test, purchase, install and use a thawte Digital Certificate on your Apache ...
    (Security-Basics)
  • Re: Manipulate PDFs with Malware
    ... during the opening process of the PDF in order to change the payment ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)