[prev in list] [next in list] [prev in thread] [next in thread]
List: firewall-wizards
Subject: Re: [fw-wiz] Checkpoint rule 0 "unknown est. tcp connection" drops
From: Lance Spitzner <lance () honeynet ! org>
Date: 2001-08-08 15:57:55
[Download RAW message or body]
On Tue, 7 Aug 2001 black@galaxy.silvren.com wrote:
> Preamble:
>
> I checked phoneboy's site and also checkpoint, the only solution was to
> simply disable the syn rulebase matching, which I eventually did and it
> did in fact take care of the problem. However, I think that the syn
> rulebase matching in general is seriously broken.
>
> Here are the details:
I wrote a detailed paper on FW-1 state table. If you have not yet,
you may want to review the paper as it offers detailed information into
CheckPoint state management.
http://www.enteract.com/~lspitz/fwtable.html
lance
_______________________________________________
firewall-wizards mailing list
firewall-wizards@nfr.com
http://list.nfr.com/mailman/listinfo/firewall-wizards
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic