Re: Wich protocol numbers?

From: Dusty Harper {MS} (DHarper_at_Online.Microsoft.com)
Date: Wed, 24 Mar 2004 14:19:38 -0800

I believe that he is referring to other networking protocols such as IPX,
DECnet, Banyan VINES etc. Normally a firewall is not needed for these
protocols because they are private to a corporation. In fact, I don't know
of any firewall that deals with these. In Windows 2000, the RRAS component
was capable of doing some IPX filtering, but nothing major. 99% of
firewalls are geared towards TCP/IP based networks, because that is where
the largest threat base lies.

If your firewall box isn't running the other protocols, then they will not
pass through regardless.

-- 
Dusty Harper
Microsoft Corporation
----------------------------------------------------------------------------
This posting is provided "AS IS", with NO warranties and confers NO rights
----------------------------------------------------------------------------
"Paul Adare - MVP - Microsoft Virtual PC" <padare@newsguy.com> wrote in
message news:MPG.1acbce8b77a63c9f989917@msnews.microsoft.com...
> In article <esohNoeEEHA.2884@TK2MSFTNGP12.phx.gbl>, in the
> microsoft.public.win2000.security news group, "damned" <Reply to
> newsgroup please> says...
>
> > Since the last rule (case else analogy) for each NIC is "IP Drop All Any <-> Any"
> > and the exclusions (permitted) are prior to this rule, everything is
> > working fine in IP!!! and IP ONLY!
> >
> > To explicitly drop/deny packets of other protocols FOR ALL NICs within the
> > stream, these rules must be applied *globally* (for optimization).
> >
>
> Either we've got a language barrier here, or you've got a fairly large
> hole in your networking knowledge or both. If your firewall is already
> handling the TCP/IP protocol, then what other protocols are you talking
> about? Also might help if you'd identify the firewall you're referring
> to here.
>
> -- 
> Paul Adare
> Moral indignation is jealousy with a halo.
> H. G. Wells, The Wife of Sir Isaac Harman
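
Added example, not part of either post: a small Python classifier showing how the non-IP protocols named in the reply (IPX, DECnet, Banyan VINES) are told apart from the IP family at the Ethernet layer, by EtherType or 802.2 SAP rather than by an IP protocol number. The numeric values are the registered ones; `classify`, `by_ethertype`, `make_frame` and the sample frames are constructed for illustration.

```python
import struct

# Registered EtherType values. The IP family is all an IP-only rule set matches.
IP_FAMILY = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
NON_IP = {0x8137: "IPX", 0x6003: "DECnet Phase IV", 0x0BAD: "Banyan VINES"}
LLC_SAPS = {0xE0: "IPX", 0xBC: "Banyan VINES"}  # IEEE 802.2 DSAP values

def by_ethertype(etype):
    if etype in IP_FAMILY:
        return (IP_FAMILY[etype], True)
    return (NON_IP.get(etype, "unknown 0x%04X" % etype), False)

def classify(frame):
    """Return (protocol_name, is_ip_family) for one raw Ethernet frame."""
    offset = 12  # skip destination and source MAC addresses
    while True:
        if len(frame) < offset + 2:
            return ("truncated", False)
        (field,) = struct.unpack_from("!H", frame, offset)
        if field != 0x8100:  # 0x8100 = 802.1Q VLAN tag, skip its 4 bytes
            break
        offset += 4
    if field >= 0x0600:  # Ethernet II framing: the field is an EtherType
        return by_ethertype(field)
    # IEEE 802.3 framing: the field is a length, the protocol ID is in the payload
    payload = frame[offset + 2:]
    if payload[:2] == b"\xff\xff":  # Novell "raw 802.3" IPX, no LLC header
        return ("IPX", False)
    if len(payload) >= 8 and payload[:3] == b"\xaa\xaa\x03":  # LLC + SNAP
        return by_ethertype(struct.unpack_from("!H", payload, 6)[0])
    if not payload:
        return ("truncated", False)
    return (LLC_SAPS.get(payload[0], "LLC SAP 0x%02X" % payload[0]), False)

def make_frame(type_or_len, payload=b""):
    """Build a constructed frame with placeholder (locally administered) MACs."""
    macs = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01"
    return macs + struct.pack("!H", type_or_len) + payload

if __name__ == "__main__":
    # Constructed samples, not captured traffic.
    samples = [make_frame(0x0800), make_frame(0x8137), make_frame(0x6003),
               make_frame(0x0BAD), make_frame(0x0020, b"\xff\xff" + b"\x00" * 30)]
    for s in samples:
        name, is_ip = classify(s)
        print("%-16s %s" % (name, "seen by IP rules" if is_ip else "not matched by IP rules"))
```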

