At 09:04 AM 4/20/01 -0400, Felicetti, Stephen A. wrote:
>Instead of just providing a solution of reverting back to the 4.0 version of
>handling TCP connections, does anyone really know why this is happening and
>whether Checkpoint plans to fix it?
I have been trying to get this answer for weeks. I have run into this very
problem, packets being dropped that should not be dropped and the log
displaying the "unknown established tcp packet" error. The only solution
coming from Checkpoint has been to revert to the old behavior which I
believe was changed in the first place to fix a potential
vulnerability. When I have asked Checkpoint support "If I do this wont I
open up a vulnerability?" they acknowledge it does.
======================================================================
Mike Cerone, CISSP, CCNA
Ad Astra!
======================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
