The PIX automatically randomizes TCP sequence numbers to prevent TCP session
hijacking.  You can turn this feature off if you want, but it's a useful
feature if you have servers that do not perform their own sequence
randomization.  (See the Cisco PIX docs 'static' command for more info.)

HTH,
Kent

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Anatoly Shein
Sent: Wednesday, September 05, 2001 11:49 PM
To: [EMAIL PROTECTED]
Subject: TCP seq changed when cross Cisco PIX 525 [7:18764]


Hi
I have encountered a strange situation.
Probably one of you can help/has heard about something similar.

Problem description:
There is a Sun machine connected to a pair of Cisco PIX 525s.
On the Sun there is software sending TCP SYN probe packets
with a sequence number that starts from 1 and increments for each packet.
Packets are sent 1 for 50 milliseconds.
When a packet crosses the router, the sequence number is changed.
This change is consistent for one set of packets but is not
for the subsequent set of packets.

for example :
before cisco            after cisco
1. TCP syn seq = 1      seq = 1 + x
2. TCP syn seq = 2      seq = 2 + x
3. TCP syn seq = 3      seq = 3 + x
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18804&t=18764
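
An added example, not part of the original thread: a Python check for the pattern described in the question, given sequence numbers captured on both sides of the firewall. The capture values are constructed and the function names are hypothetical; the second set shows why the offset has to be computed modulo 2**32.

```python
from collections import Counter

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

# Constructed sample data: (seq before firewall, seq after firewall).
# Set "B" uses an offset close to 2**32, so the rewritten values wrap.
SAMPLE = {
    "A": [(1, 0x9E3779B2), (2, 0x9E3779B3), (3, 0x9E3779B4)],
    "B": [(1, 0xFFFFFFFF), (2, 0x00000000), (3, 0x00000001)],
}


def offset(before, after):
    """Offset added to one sequence number, modulo 2**32."""
    return (after - before) % MOD


def analyse(probe_sets):
    """Report, per probe set, which offsets were observed."""
    report = []
    for name, pairs in probe_sets.items():
        offsets = Counter(offset(b, a) for b, a in pairs)
        report.append({
            "set": name,
            "constant": len(offsets) == 1,  # one x for the whole set
            "offsets": sorted(offsets),
        })
    return report


def same_offset_across_sets(report):
    """True only if every set was shifted by the same single offset."""
    seen = {o for entry in report for o in entry["offsets"]}
    return len(seen) == 1


if __name__ == "__main__":
    result = analyse(SAMPLE)
    for entry in result:
        shown = ", ".join(f"0x{o:08X}" for o in entry["offsets"])
        print(f"set {entry['set']}: constant={entry['constant']} x={shown}")
    print("same x in every set:", same_offset_across_sets(result))
```

A plain `after - before` would give three different values for set "B"; the modular difference shows the shift is constant within each set while differing between sets.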