NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] ICMP Stateful or NOT ?



So that means it is stateful, but only if I allow all icmp? Interesting, but
not very useful.

There is code out there that makes stateful icmp with INSPECT code. I have a
sample by Bill Burns from 1997/1999, and I have seen others on the net.
Search for ICMP CHECKPOINT on the Internet and you should be able to find
it, I don't have the source URL with me. I don't know why Checkpoint hasn't
adopted it or something like it yet.

Daniel Gaughan

-----Original Message-----
From: Byoung Sun Yu [mailto:[email protected]]
Sent: Wednesday, January 10, 2001 10:30 AM
To: 'Carl E. Mankinen'; [email protected]
Subject: RE: [FW1] ICMP Stateful or NOT ?



FW-1 4.0 or later keeps the state of ICMP IF and ONLY IF Accept ICMP option
is checked in the Properties.

Sun Yu, CISSP
Lucent Worldwide Services


> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On
> Behalf Of Carl
> E. Mankinen
> Sent: Wednesday, January 10, 2001 9:00 AM
> To: [email protected]
> Subject: [FW1] ICMP Stateful or NOT ?
>
>
>
> I seem to be reading quite a bit that even 4.X does not use
> stateful inspection
> for ICMP requests. Is this in fact the case, or has
> CheckPoint corrected this
> in the latest releases?
>
> For them to say that ICMP packets are harmless and thus do not require
> stateful inspection is beyond belief (having my doubts they
> actually said this...)
> ICMP is a perfect method for tunneling control connections
> for trojans, or
> for sending obscured hashed data containing information you
> wouldn't like exposed.
>
>
>
>
>
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.