Firewall Wizards mailing list archives
Re: how to determine whether a firewall is stateful or just a simple packet filter?
From: Eric Vyncke <evyncke () cisco com>
Date: Thu, 14 Mar 2002 18:04:55 +0100
Even easier, run nmap -p0 -sA ... from the public towards on server on the private side (like an internal web server). Nmap will send a TCP ACK without an established connection. If you received a RST packet, you are not stateful.
Else, you are at least keeping one state.But, being stateful at layer 4 is more complex than that: do you check sequence number ? what about IP fragmentation ?
and what about L7 states ? There is no easy answer -eric At 09:10 12/03/2002 -0500, Jose Nazario wrote:
On Tue, 12 Mar 2002, ·ç·ç wrote: > how to determine whether a firewall is stateful or just a simple > packet filter? because of job ,I am eager to make clear of it. I will > be very appreciate if someone can tell me. quite simple, really: you can send 'response' packets to stimuli that never were sent (ie a SYN-ACK) and watch for a response from the target (ie a RST). ____________________________ jose nazario jose () cwru edu PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu) _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- how to determine whether a firewall is stateful or just a simple packet filter? ·ç·ç (Mar 12)
- Re: how to determine whether a firewall is stateful or just a simple packet filter? R. DuFresne (Mar 13)
- Re: how to determine whether a firewall is stateful or just a simple packet filter? Jose Nazario (Mar 13)
- Re: how to determine whether a firewall is stateful or just a simple packet filter? Daniel.Deremiah (Mar 13)
- Message not available
- Re: how to determine whether a firewall is stateful or just a simple packet filter? Eric Vyncke (Mar 15)
- Re: how to determine whether a firewall is stateful or just a simple packet filter? Barney Wolff (Mar 15)
- Re: how to determine whether a firewall is stateful firewalls (Mar 15)
- RE: how to determine whether a firewall is stateful Ofir Arkin (Mar 17)
- Re: how to determine whether a firewall is stateful Mikael Olsson (Mar 29)
- Re: how to determine whether a firewall is stateful or just a simple packet filter? Eric Vyncke (Mar 15)