Firewall Wizards mailing list archives
Re: What is the difference between stateful packet filteringand Stateful pkt inspection ?
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Tue, 04 Feb 2003 03:21:50 +0100
Volker Tanger wrote:
anil bindal wrote:5) Does the Watch Guard http-filter rule does the same processing on the packet as the check point or CISCO PIX rule ??No. CheckPoint and PIX use (transparent) proxies (called "ressource" or "fixup") when filtering. But CKP has quite some inspection for a number of other protocols - especially when it comes to RPC handling, I do not know any product coming near. Again: please correct me, if I missed something here.
Err. No. FW-1 and PIX most certainly do NOT use proxies for these kind of things. If they did, early TCP segmentation and partially-resent TCP segments wouldn't have been able to fool them into opening Gaping Holes(tm). ... which reminds me that I need to play TCP segmentation games with various HTTP filters. Muaha. -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: What is the difference between stateful packet filteringand Stateful pkt inspection ? Mikael Olsson (Feb 03)
- Re: What is the difference between stateful packet filteringand Stateful pkt inspection ? Volker Tanger (Feb 04)
- Re: What is the difference between stateful packet filteringand Stateful pkt inspection ? Darren Reed (Feb 04)