[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] ICMP Stateful or NOT ?
Actually, I don't know if I believe that either. Check Point told me the same thing, but I don't know.... When you check the allow ICMP option, your simply allowing "ANY ANY ICMP_Proto ALLOW", but I don't think that really means it's stateful. Just that it works. And there's really no way to prove it one way or the other with that option, since external hosts would be allowed to ping things anyway. Just my .02p. Jason Byoung Sun Yu wrote: > > FW-1 4.0 or later keeps the state of ICMP IF and ONLY IF Accept ICMP option > is checked in the Properties. > > Sun Yu, CISSP > Lucent Worldwide Services > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]]On > > Behalf Of Carl > > E. Mankinen > > Sent: Wednesday, January 10, 2001 9:00 AM > > To: [email protected] > > Subject: [FW1] ICMP Stateful or NOT ? > > > > > > > > I seem to be reading quite a bit that even 4.X does not use > > stateful inspection > > for ICMP requests. Is this in fact the case, or has > > CheckPoint corrected this > > in the latest releases? > > > > For them to say that ICMP packets are harmless and thus do not require > > stateful inspection is beyond belief (having my doubts they > > actually said this...) > > ICMP is a perfect method for tunneling control connections > > for trojans, or > > for sending obscured hashed data containing information you > > wouldn't like exposed. > > > > > > > > > > > > ============================================================== > > ================== > > To unsubscribe from this mailing list, please see the > > instructions at > > http://www.checkpoint.com/services/mailing.html > > ============================================================== > > ================== > > > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|