|
Security Basics
mailing list archives
RE: Packets with TCP flags set
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 16 Sep 2009 09:18:22 -0700
Well, presumably it doesn't forward those extraneous flags to
the real servers it is proxying for, and doesn't respond as you've
described to clients you don't want connections from.
Apparently ISA's philosophy is "allow unless blocked" more than
"deny unless permitted". Depending on the sort of information and
resources you host and the risk-tolerance of your enterprise, this
might be appropriate.
David Gillett
-----Original Message-----
From: .\lgp [mailto:lgpmsec () gmail com]
Sent: Wednesday, September 16, 2009 12:10 AM
To: gillettdavid () fhda edu; security-basics () securityfocus com
Subject: RE: Packets with TCP flags set
Hi David,
Actually I encountered this on an ISA server that I was
scanning form an external perspective; this box is a Win2K3
currently directly connected to the public zone, and is
acting as a proxy.
What do you think?
-----Original Message-----
From: David Gillett [mailto:gillettdavid () fhda edu]
Sent: Wednesday, September 16, 2009 01:51
To: '.\lgp'; security-basics () securityfocus com
Subject: RE: Packets with TCP flags set
Do you have a real firewall, or do you rely on router
access lists to filter traffic?
I ask because any of these will probably meet an ACL "established"
condition and be
treated as an already-filtered connection when in fact it
might be one another rule is intended to block.
David Gillett
CISSP CCNP
-----Original Message-----
From: .\lgp [mailto:lgpmsec () gmail com]
Sent: Sunday, September 13, 2009 3:46 PM
To: security-basics () securityfocus com
Subject: Packets with TCP flags set
Hi list,
I have a host that responds to a TCP SYN packet with at
least one of
the following flags set with a SYN ACK packet: RST, FIN,
ACK, FIN|PSH.
Two questions come to mind:
1- is this a bad thing? If so, why?
2- how to mitigate this issue?
Thank you,
Lgp.
--------------------------------------------------------------
----------
Securing Apache Web Server with thawte Digital Certificate In this
guide we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits
your company
and how your customers can tell if a site is secure. You
will find out
how to test, purchase, install and use a thawte Digital
Certificate on
your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;
e13b6be442f727d1
--------------------------------------------------------------
----------
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
