Hi,
> Is it true that Checkpoint doesn't track TCP Sequencenumbers???
See www.darkart.com/mirrors/www.obfuscation.org/ipf/tcp_filtering.pdf
and www.enteract.com/~lspitz/fwtable.html
or look at the FW-1 connections table (by 'fw tab -t connections -u') ...
> So, it is possible to mislead the FW with a sequencenumber-randomizer?
Probably the host(s) behind will not accept randomized seq numbers for their
connections...
Regards,
Enno Rey
[EMAIL PROTECTED] --- www.security-academy.de
PGP 74C0 C7E1 3875 E4EB 9B75 8B9D 5E2D 3178 685B F222
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
