I do recall that Linux ip stack sends data in
reverse. So if your buffering is disabled or if the buffers are small, the
firewall will drop the packets before getting the headers containing sourse and
destination.
I'll have to look it up in my PIX documentation, if
you need more info I 'll
test this is a test
Scott Overfield
Network Administrator
Gratiot County Community Mental Health
989-466-4109
[EMAIL PROTECTED]
___
Firewalls mailing list
[EMAIL PROTECTED]
Jason,
Have you tried netcat instead of telnet? Can you do a tcpdump to analyze the
packets?
-Tony
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Jason Lewis
Sent: Wednesday, October 17, 2001 7:58 PM
To: [EMAIL PROTECTED]
Subject: Checkpoint issues
Thanks, I haven't tried it yet but I'll try it over this weekend.
Just wonder if there any security threat as a result of keeping all
connections? Should I adjust memory assigned to connection tables in this
case? Should I decrease TCP timepout in properties of the policy?(I changed
it from
Info
help
Waht do you need help on Carlos?
*** IMPORTANT ! **
The content of this email and any attachments are confidential and intended
for the named recipient(s) only.
If you have received this email in error please notify the sender
That is a good question, and I am not sure of the answer. It is my
understanding that the connections in the connections table will timeout
eventually. I guess the question is how different people view that as a
security issue. Maybe someone else can shed some light on this.
Scott
i am sure that this has been discussed before , but has anyone any views on
the personal firewall zone alarm?. i am not connected to a network and have
dial up access to my ISP and will have until our exchange is upgraded to
handle broadband in december 2002. i am currently using the free basic
Thanks, it worked.
-gab
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Hiemstra, Brenno
Sent: Wednesday, October 17, 2001 4:18 AM
To: Gabriel Beaulieu; '[EMAIL PROTECTED]'
Subject: RE: Checkpoint on Solaris, fetching policy problems.
Gabriel,
I had
Gordon,
1)If you have trouble loading policies, you can first try to unload it with #fw unload localhost.
2)To install new package (FW 4.1, or NG), go to your Nokia Console, and excute:
#/etc/newpkg
and then go to voyager / manage installed package / turnthe right package on / apply
3) what HA
I am looking for something to load on an old laptop. This question
may have been asked and answered before but I am a newbie.
My laptop is a IBM ThinkPad 360cse: 486 DX2/50, 8m RAM,
360m HDD, FDD, dual pcmcia.
My Internet connection is via an external Verizon/Westell ADSL
modem. My HP
ZoneAlarm is worthless. It's nothing more than a socket guardian, it
listens for the opening and closing of sockets and asks if you want to allow
it.
It doesn't protect you from anything that proper configuration can. Disable
NetBIOS, stay up to date with patches, and there's nothing to
According to Doc - KD4E:
Will floppyfw run on my TP and recognize a pair of pcmcia nics,
one for ADSL and the other to connect to a 4-port hub?
Have you considered using NetBSD? IIRC NetBSD will install onto a
machine with that much memory so you don't need to mess with
floppies. For a cut
For $39 you should upgrade to the Pro-version. it will give you more
granular control over icmp, tcp, and udp. This will help until you get some
dedicated bandwidth, then investing in a dedicated firewall.
So, are you using dialup RAS and etrn with your exch ims?
cheers.byron
-Original
While
searching through the FW-1 mailing list archives. I found this and it
sounds a lot like the problem I am having. Anyone familiar with
it?
http://msgs.securepoint.com/cgi-bin/get/fw1-9808/267.html
Sounds like your Linux box is being
subjected to a session auth rule. When FireWall-1
16 matches
Mail list logo