Re: how to audit/test if firewall keep track of state/session
From: SysAdm (wjones@sitesmith.com)
Date: 03/26/03
- Next message: Karl Levinson [x y], mvp: "Re: A Funny Joke- Off Topic but not Really"
- Previous message: Robin T Cox: "Re: Xupitor"
- In reply to: Jeff: "how to audit/test if firewall keep track of state/session"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "SysAdm" <wjones@sitesmith.com> Date: Wed, 26 Mar 2003 12:35:42 +0000 (UTC)
"Jeff" <nospam@group.com> wrote in message
news:BW8ga.7016$KlE.4143@news04.bloor.is.net.cable.rogers.com...
> Hi Gurus,
>
> I am evaluating a couple firewalls for my organization now. Lot of
firewalls
> claim they can maintain session/state information.
>
> Can someone suggest some way to test how "stateful" a firewall is.
>
> Many Thanks.
>
> Jeff.
stateful firewalls maintain a state table. find out how your brand of
firewall allows you to check the statetable and bingo.
for instance with checkpoint i could enter:
fw tab -t connections -s
to get a delimited output of the present tcp connections table. if i had a
pair of firewalls in active/standby, I would expect my standby unit to
provide identical output in response to this command.
SysAdm
- Next message: Karl Levinson [x y], mvp: "Re: A Funny Joke- Off Topic but not Really"
- Previous message: Robin T Cox: "Re: Xupitor"
- In reply to: Jeff: "how to audit/test if firewall keep track of state/session"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
