When using the established key word at the end of an ACL statement, are
there any security risks?
Can the ACK or RST flag in a segment header be set from a source terminal
to trick the ACL, making it look like the segment is responding to a request?
If so, I would think that anything that receive
act that the 'established' command is only good for TCP streams, so
lots of UDP attacks will not be blocked at all.
HTH,
Kent
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
phyrz
Sent: Saturday, August 25, 2001 11:34 PM
To: [EMAIL PROTECTED]
Subj
it is highly recommended that u use permit to and permitfrom with the
established command
- Original Message -
From: "Kent Hundley"
To:
Sent: Friday, August 31, 2001 12:45 AM
Subject: RE: ACL - TCP established [7:17297]
> First, there are security risks in everything. N
e permit and permitfrom with the
established command on the PIX. It's just not relevant to what the poster
was asking.
-Kent
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 31, 2001 9:45 AM
To: Kent Hundley; [EMAIL PROTECTED]
Subject: Re: AC
have a look
http://www.cisco.com/warp/public/707/2.html
- Original Message -
From: "Kent Hundley"
To: ; "'Kent Hundley'" ;
Sent: Saturday, September 01, 2001 12:03 AM
Subject: RE: ACL - TCP established [7:17297]
> From the context of the origin
:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, August 31, 2001 10:51 AM
To: [EMAIL PROTECTED]
Subject: Re: ACL - TCP established [7:17297]
have a look
http://www.cisco.com/warp/public/707/2.html
- Original Message -
From: "Kent Hundley"
To: ; "'Ke
6 matches
Mail list logo
