Home page logo
/

nanog logo nanog mailing list archives

Re: I don't need no stinking firewall!
From: Mark Smith <nanog () 85d5b20a518b8f6864949bd940457dc124746ddc nosense org>
Date: Wed, 6 Jan 2010 10:08:43 +1030

On Tue, 5 Jan 2010 20:51:47 +0000
Tony Finch <dot () dotat at> wrote:

On Tue, 5 Jan 2010, Brian Johnson wrote:

Given this information, and not prejudging any responses, exactly what
is a firewall for and when is statefull inspection useful?

Stateful inspection is useful for breaking things in subtle and
hard-to-debug ways.
http://fanf.livejournal.com/102206.html
http://fanf.livejournal.com/95831.html


Your second article (with the pointer to "end-to-end arguments in
systems design") reminded me of this thread that came up on the Linux
networking development mailing list recently. TCP was flaking out, but
if the same traffic was tunnelled over the same connection, all was
good.

Strange TCP behavior over HSDPA
http://www.spinics.net/lists/netdev/msg116809.html




Tony.
-- 
f.anthony.n.finch  <dot () dotat at>  http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
MODERATE OR GOOD.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]