[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] ICMP Stateful or NOT ?
So that means it is stateful, but only if I allow all icmp? Interesting, but not very useful. There is code out there that makes stateful icmp with INSPECT code. I have a sample by Bill Burns from 1997/1999, and I have seen others on the net. Search for ICMP CHECKPOINT on the Internet and you should be able to find it, I don't have the source URL with me. I don't know why Checkpoint hasn't adopted it or something like it yet. Daniel Gaughan -----Original Message----- From: Byoung Sun Yu [mailto:[email protected]] Sent: Wednesday, January 10, 2001 10:30 AM To: 'Carl E. Mankinen'; [email protected] Subject: RE: [FW1] ICMP Stateful or NOT ? FW-1 4.0 or later keeps the state of ICMP IF and ONLY IF Accept ICMP option is checked in the Properties. Sun Yu, CISSP Lucent Worldwide Services > -----Original Message----- > From: [email protected] > [mailto:[email protected]]On > Behalf Of Carl > E. Mankinen > Sent: Wednesday, January 10, 2001 9:00 AM > To: [email protected] > Subject: [FW1] ICMP Stateful or NOT ? > > > > I seem to be reading quite a bit that even 4.X does not use > stateful inspection > for ICMP requests. Is this in fact the case, or has > CheckPoint corrected this > in the latest releases? > > For them to say that ICMP packets are harmless and thus do not require > stateful inspection is beyond belief (having my doubts they > actually said this...) > ICMP is a perfect method for tunneling control connections > for trojans, or > for sending obscured hashed data containing information you > wouldn't like exposed. > > > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|