Re: how to audit/test if firewall keep track of state/session
From: CZ (CZ@no99spam.com)
Date: 03/26/03
- Next message: Steve: "Please Help Security issue"
- Previous message: biollante: "Uruklink.net hacked"
- In reply to: Don Kelloway: "Re: how to audit/test if firewall keep track of state/session"
- Next in thread: SysAdm: "Re: how to audit/test if firewall keep track of state/session"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "CZ" <CZ@no99spam.com> Date: Wed, 26 Mar 2003 21:08:56 GMT
> I am evaluating a couple firewalls for my organization now. Lot of
firewalls claim they can maintain session/state information.
Can someone suggest some way to test how "stateful" a firewall is.
Don/Jeff:
Run nmapnt against it. http://www.eeye.com/html/Research/Tools/nmapNT.html
Some of the simple things that stateful should catch, that stateless should
not:
Source address spoofing.
ACK packet not part of a connection
- Next message: Steve: "Please Help Security issue"
- Previous message: biollante: "Uruklink.net hacked"
- In reply to: Don Kelloway: "Re: how to audit/test if firewall keep track of state/session"
- Next in thread: SysAdm: "Re: how to audit/test if firewall keep track of state/session"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
