The complete answer can be found on Lance's site
(www.enteract.com/~lspitz/fwtable.html). It's not a good idea to just jump
in and implement the "fix" suggested in the link below, as the behavior is
by design. Allowing non-SYN rulebase matches to be entered in the state
table (as was the default prior to 4.1SP2) exposes you to ACK or other
packet type floods.
Thanks as always to Lance for the info.
Dan Hitchcock
CCNA, MCSE
Network Engineer
Xylo, Inc.
425.456.3970
The work/life solution for corporate thought leaders
-----Original Message-----
From: Gill [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 12, 2000 12:11 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: [FW1] Unknown established TCP packet
Hello, what causes this message in the FW1 logfiles?
"Unknown established TCP packet"
http://www.deathstar.ch/security/fw1/LogViewer/FAQ0179.htm
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
--gill | Tatu Ylonen, SSH 1.2.12 README: "Beware that the most effective
| way for someone to decrypt your data may be with a rubber hose."
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
