Security Basics mailing list archives
RE: Packets with TCP flags set
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 16 Sep 2009 09:18:22 -0700
Well, presumably it doesn't forward those extraneous flags to the real servers it is proxying for, and doesn't respond as you've described to clients you don't want connections from. Apparently ISA's philosophy is "allow unless blocked" more than "deny unless permitted". Depending on the sort of information and resources you host and the risk-tolerance of your enterprise, this might be appropriate. David Gillett
-----Original Message----- From: .\lgp [mailto:lgpmsec () gmail com] Sent: Wednesday, September 16, 2009 12:10 AM To: gillettdavid () fhda edu; security-basics () securityfocus com Subject: RE: Packets with TCP flags set Hi David, Actually I encountered this on an ISA server that I was scanning form an external perspective; this box is a Win2K3 currently directly connected to the public zone, and is acting as a proxy. What do you think? -----Original Message----- From: David Gillett [mailto:gillettdavid () fhda edu] Sent: Wednesday, September 16, 2009 01:51 To: '.\lgp'; security-basics () securityfocus com Subject: RE: Packets with TCP flags set Do you have a real firewall, or do you rely on router access lists to filter traffic? I ask because any of these will probably meet an ACL "established" condition and be treated as an already-filtered connection when in fact it might be one another rule is intended to block. David Gillett CISSP CCNP-----Original Message----- From: .\lgp [mailto:lgpmsec () gmail com] Sent: Sunday, September 13, 2009 3:46 PM To: security-basics () securityfocus com Subject: Packets with TCP flags set Hi list, I have a host that responds to a TCP SYN packet with atleast one ofthe following flags set with a SYN ACK packet: RST, FIN,ACK, FIN|PSH.Two questions come to mind: 1- is this a bad thing? If so, why? 2- how to mitigate this issue? Thank you, Lgp. -------------------------------------------------------------- ---------- Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefitsyour companyand how your customers can tell if a site is secure. Youwill find outhow to test, purchase, install and use a thawte DigitalCertificate onyour Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946; e13b6be442f727d1 -------------------------------------------------------------- ----------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Adding new exploit module to metasploit 3.1 sfmailsbm (Sep 11)
- Message not available
- Re: Adding new exploit module to metasploit 3.1 Jai (Sep 15)
- Message not available
- Packets with TCP flags set .\lgp (Sep 15)
- RE: Packets with TCP flags set David Gillett (Sep 16)
- RE: Packets with TCP flags set .\lgp (Sep 16)
- RE: Packets with TCP flags set David Gillett (Sep 17)
- RE: Packets with TCP flags set David Gillett (Sep 16)