Re: Netscreen doesn't block established connections

From: John Smyth (someone@microsoft.com)
Date: 12/19/02


From: "John Smyth" <someone@microsoft.com>
Date: Thu, 19 Dec 2002 12:03:27 -0400

You can do this, just manually. You can remove single sessions or
all of them globally.
Telnet to Netscreen. Clear Session All.

"Leythos" <void@nowhere.com> wrote in message
news:MPG.186b0dfb45dcb8139898ec@news-server.columbus.rr.com...
> In article <slrnb01pce.nag.oskov@ux10.cso.uiuc.edu>,
> oskov@students.uiuc.edu says...
> > Hey guys,
> > I am testing a Netscreen 5XT firewall and it puzzles me with this.
> > I start with fresh allow all setup. I connect to host in the inside
> > network with ssh. I put the following rule in the firewall
> > set policy incoming any-outside our-network ssh deny
> > where any-outside and our-network are the network definitions.
> > All new connections are blocked fine, but this one that was established
> > never gets blocked. I can still use it until I logout.
> > Anyone seen this behavior and knows how to prevent it?
>
> I hate to see that - I wanted our Corporate offices to standardize on
> Watchguard and they went with Netscreen. WG stops all connections when
> you update/create a rule for it - even in session ones.
>
> --
> --
> Leythos999@columbus.rr.com
> (Remove 999 to reply to me)
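
The behaviour discussed in this thread, as an added example that is not part of the original posts and is not ScreenOS code: a toy Python model of a stateful firewall in which packets of an existing session skip the policy lookup, so a new deny rule only takes effect on an established connection once its session entry is cleared. The class, function names and addresses are constructed for illustration.

```python
# Toy model of a stateful firewall (added illustration, not ScreenOS code).
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int

@dataclass
class Firewall:
    # Ordered policy list: (dport or None for any, action). First match wins.
    policies: list = field(default_factory=lambda: [(None, "permit")])
    sessions: set = field(default_factory=set)

    def lookup(self, flow):
        for dport, action in self.policies:
            if dport is None or dport == flow.dport:
                return action
        return "deny"  # implicit default deny

    def packet(self, flow):
        # Fast path: a packet belonging to an existing session is forwarded
        # without consulting the policy list again.
        if flow in self.sessions:
            return "permit"
        action = self.lookup(flow)
        if action == "permit":
            self.sessions.add(flow)
        return action

    def clear_sessions(self, only_denied=False):
        # only_denied=False models a global clear of the session table;
        # only_denied=True removes just the sessions the current policy rejects.
        doomed = {f for f in self.sessions
                  if not only_denied or self.lookup(f) == "deny"}
        self.sessions -= doomed
        return len(doomed)

def demo():
    fw = Firewall()
    ssh = Flow("198.51.100.7", "10.0.0.5", 22)      # constructed addresses
    web = Flow("198.51.100.7", "10.0.0.6", 80)
    before = [fw.packet(ssh), fw.packet(web)]       # both establish sessions
    fw.policies.insert(0, (22, "deny"))             # new deny rule for ssh
    stale = fw.packet(ssh)                          # still forwarded via session
    new = fw.packet(Flow("203.0.113.9", "10.0.0.5", 22))  # new connection blocked
    cleared = fw.clear_sessions(only_denied=True)   # drops only the ssh session
    return before, stale, new, cleared, fw.packet(ssh), fw.packet(web)
```

Clearing only the sessions that the current policy would reject leaves unrelated connections (the port 80 flow here) untouched, whereas a global clear interrupts every connection through the device.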


