On 2 Jun 99, at 10:36, Gerardo Soto wrote:
> Jun 1 13:10:26 kraken2 157796: *Apr 24 19:41:14: %SEC-6-IPACCESSLOGP:
> list 101 permitted tcp 209.182.195.70(113) -> 200.38.80.1(20615), 1 packet
A packet *from* port 113 looks like a response to an auth request. A
"stateful inspection" firewall should let such a packet in *IFF* it matches
an outbound request seen recently and not yet answered; it should not pass
one that just shows up out of the blue. (I'm reading the "->" as indicating
packet flow from outside to inside.)
David G
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
