>Without using SynDefender what is the default time Checkpoint 4.1 will allow
>for the entire TCP handshake to take place before the firewall will close the
>connection.  Also what will be logged if the connection is dropped by
> the firewall if the handshake is not finished?

Stephen:

During the initial TCP handshake (i.e. SYN, SYN/ACK, ACK) FireWall sets the
timeout value for the connection in the state table to 60 seconds.

You can edit this by editing a file $FWDIR/conf/objects.C with the following
entry:

:tcpstarttimeout (60)

After the handshake is completed, the timeout is set to 3600 seconds if you
haven't changed your default Policy->Properties: TCP timeout value...

...not sure what will be logged if the handshake is not completed or even IF
anything will be logged at all...  

.peace.

Amin Tora,CISSP
ePlus Technology Inc.
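
The timeout behaviour described in the reply above, as an added example that is not part of the original message and is not Check Point code: a simplified Python model of a state table that gives a half-open connection the start timeout and switches to the long timeout once the handshake completes. The class and function names are hypothetical and the sample text is constructed; only the `:tcpstarttimeout (60)` entry and the 60 and 3600 second values come from the message.

```python
import re

# Constructed sample: the single entry quoted in the message. The rest of the
# objects.C layout is not modelled here.
SAMPLE_OBJECTS_C = ":tcpstarttimeout (60)\n"
ESTABLISHED_TIMEOUT = 3600  # default TCP timeout quoted in the message (seconds)


def read_start_timeout(text, default=60):
    """Return the :tcpstarttimeout value found in objects.C-style text."""
    m = re.search(r"^\s*:tcpstarttimeout\s*\((\d+)\)", text, re.MULTILINE)
    return int(m.group(1)) if m else default


class StateTable:
    """Toy connection table mapping a connection key to (state, expiry time).

    Assumption: idle-timer refresh on later packets is not modelled.
    """

    def __init__(self, start_timeout, established_timeout=ESTABLISHED_TIMEOUT):
        self.start_timeout = start_timeout
        self.established_timeout = established_timeout
        self.entries = {}

    def expire(self, now):
        """Remove entries whose timeout has elapsed and return their keys."""
        dead = [k for k, (_, expiry) in self.entries.items() if now >= expiry]
        for k in dead:
            del self.entries[k]
        return dead

    def packet(self, conn, flags, now):
        """Process one packet; return the entry's state afterwards, or None."""
        self.expire(now)
        state = self.entries.get(conn, (None, None))[0]
        if flags == "SYN" and state is None:
            # First packet: entry is created with the short handshake timeout.
            self.entries[conn] = ("handshake", now + self.start_timeout)
        elif flags == "ACK" and state == "handshake":
            # Final ACK of the handshake: switch to the long timeout.
            self.entries[conn] = ("established", now + self.established_timeout)
        return self.entries.get(conn, (None, None))[0]
```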