Re: Netscreen doesn't block established connections
From: Leythos (void@nowhere.com)
Date: 12/19/02
- Next message: Shing-Fat Fred Ma: "Re: ZoneAlarm & Win2K's Internet services"
- Previous message: Shawnews: "Selective Active Content Filtering in Firewalls?"
- In reply to: Nasko Oskov: "Netscreen doesn't block established connections"
- Next in thread: John Smyth: "Re: Netscreen doesn't block established connections"
- Reply:(deleted message) John Smyth: "Re: Netscreen doesn't block established connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Leythos <void@nowhere.com> Date: Thu, 19 Dec 2002 03:58:39 GMT
In article <slrnb01pce.nag.oskov@ux10.cso.uiuc.edu>,
oskov@students.uiuc.edu says...
> Hey guys,
> I am testing a Netscreen 5XT firewall and it puzzles me with this.
> I start with fresh allow all setup. I connect to host in the inside
> network with ssh. I put the following rule in the firewall
> set policy incoming any-outside our-network ssh deny
> where any-outside and our-network are the network definitions.
> All new connections are blocked fine, but this one that was established
> never gets blocked. I can still use it until I logout.
> Anyone seen this behavior and knows how to prevent it?
I hate to see that - I wanted our Corporate offices to standardize on
Watchguard and they went with Netscreen. WG stops all connections when
you update/create a rule for it - even in session ones.
-- -- Leythos999@columbus.rr.com (Remove 999 to reply to me)
- Next message: Shing-Fat Fred Ma: "Re: ZoneAlarm & Win2K's Internet services"
- Previous message: Shawnews: "Selective Active Content Filtering in Firewalls?"
- In reply to: Nasko Oskov: "Netscreen doesn't block established connections"
- Next in thread: John Smyth: "Re: Netscreen doesn't block established connections"
- Reply:(deleted message) John Smyth: "Re: Netscreen doesn't block established connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
