Firewall Wizards mailing list archives
Re: Checkpoint rule 0 "unknown est. tcp connection" drops
From: Lance Spitzner <lance () honeynet org>
Date: Wed, 8 Aug 2001 10:57:55 -0500 (CDT)
On Tue, 7 Aug 2001 black () galaxy silvren com wrote:
Preamble: I checked phoneboy's site and also checkpoint, the only solution was to simply disable the syn rulebase matching, which I eventually did and it did in fact take care of the problem. However, I think that the syn rulebase matching in general is seriously broken. Here are the details:
I wrote a detailed paper on FW-1 state table. If you have not yet,
you may want to review the paper as it offers detailed information into
CheckPoint state management.
http://www.enteract.com/~lspitz/fwtable.html
lance
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Joseph Steinberg (Aug 06)
- Re: Re: Code Red: What security specialist don't mention inwarnings(Frank Knobbe) Paul Cardon (Aug 07)
- Checkpoint rule 0 "unknown est. tcp connection" drops black (Aug 07)
- Re: Checkpoint rule 0 "unknown est. tcp connection" drops Andrew Huffer (Aug 08)
- Re: Checkpoint rule 0 "unknown est. tcp connection" drops black (Aug 10)
- Re: Checkpoint rule 0 "unknown est. tcp connection" drops Lance Spitzner (Aug 10)
- Checkpoint rule 0 "unknown est. tcp connection" drops black (Aug 07)
- Re: Re: Code Red: What security specialist don't mention inwarnings(Frank Knobbe) Paul Cardon (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Darren Reed (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Marcus J. Ranum (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Damir Rajnovic (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Adam Shostack (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Darren Reed (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Adam Shostack (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Darren Reed (Aug 07)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Predrag Zivic (Aug 10)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Adam Shostack (Aug 11)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Adam Shostack (Aug 10)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Marcus J. Ranum (Aug 07)