Educause Security Discussion mailing list archives
Re: Cisco FWSM and Random Sequencing
From: Chris Green <cmgreen () UAB EDU>
Date: Mon, 21 Oct 2013 13:11:15 +0000
While yelling about FWSMs, they don't support TCP Selective Acknowledgement skipping which can also cause the transfers to stall. no sysopt connection tcp sack-permitted Not sure if later code releases fixed this but I don't think so. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ian McDonald Sent: Friday, October 18, 2013 8:21 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Cisco FWSM and Random Sequencing Has anyone else encountered this issue with a FWSM or any other firewalls? If so was the solution to disable the sequence number randomization? Yes. Yes. Thanks Josh Flaherty Information Technology Security Officer Office of Information Technology Indiana State University
Current thread:
- Cisco FWSM and Random Sequencing Josh Flaherty (Oct 18)
- Re: Cisco FWSM and Random Sequencing Ian McDonald (Oct 18)
- Re: Cisco FWSM and Random Sequencing Peter Setlak (Oct 18)
- Re: Cisco FWSM and Random Sequencing Chris Green (Oct 21)
- Re: Cisco FWSM and Random Sequencing Ian McDonald (Oct 18)