Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: RE: [rapt] FTP problem - Raptor Solaris firewall and NT4 SP6 ftp servers

From: shewitt () cdw com
Date: Fri, 22 Sep 2000 17:06:28 -0500
Microsoft documents all the changes in each service pack.  It is usually
found on the same page that you access the service pack on.  
For instance, on the Service Pack 6a page:
http://www.microsoft.com/ntserver/nts/downloads/recommended/SP6/allSP6.asp

There is a bullet point under "Learn More" with these links:

  List of Bugs Fixed in Windows NT 4.0 Service Pack 6/6a (Part 1)
     http://support.microsoft.com/support/kb/articles/q241/2/11.asp

  List of Bugs Fixed in Windows NT 4.0 Service Pack 6/6a (Part 2)
     http://support.microsoft.com/support/kb/articles/q244/6/90.asp

I hope this helps.

--Scott


-----Original Message-----
From: tbh1 [mailto:tbh1 () bellsouth net]
Sent: Thursday, September 21, 2000 6:08 AM
To: 'Wildt, Bob'; 'raptor-list () firetower com';
'firewall-wizards () nfr net'
Cc: Moles, Robert
Subject: [fw-wiz] RE: [rapt] FTP problem - Raptor Solaris firewall and
NT4 SP6 ftp servers


Bob -

There are documented and admitted TCP stack problems with FIN 
packets in 6a 
(which is I assume what SP you are talking about).  I am not 
aware of them 
issuing a fix for this yet, but I would suspect that there 
will be a SP6b 
sometime soon, as this problem has been known for at least 90 days.

6 (with no a) is a huge TCP stack mess.  5 has it's problems 
also.  4 is 
relatively clean.

Let's not get started about what a peice of crap Win2000 is 
behind the 
scenes.

This discussion should be aimed at Microsoft to document 
clearly what a 
service pack does.  Each one makes hundreds or thousands of 
changes, and to 
this point at least, they will not tell you what all the service pack 
changes.

Tom Hutton
eCommSecurity

-----Original Message-----
From: Wildt, Bob [SMTP:WildtB () kochind com]
Sent: Wednesday, September 20, 2000 11:09 AM
To:   'raptor-list () firetower com'; 'firewall-wizards () nfr net'
Cc:   Moles, Robert
Subject:      [rapt] FTP problem - Raptor Solaris firewall 
and NT4 SP6 ftp 
servers

I'm looking for anyone else that may be experiencing this 
problem or any
insight into it.

I have two Axent Raptor firewalls (v5.0.3 and v6.0.2 on 
Solaris 2.6) that
exhibit this problem.  FTP sessions initiated by the firewall 
to NT4 SP6
servers will often hang waiting for a data channel (port 20) 
FIN packet. 
 It
appears that the FIN packet is coming out of sequence when 
compared to a
successful command, which causes the session to hang.  The problem is
internittent but consistent.  It may fail on the 1st command 
of a session 
or
on a later command.  It almost always fails with 6 or 7 commands.

I have the problem only between my Raptor firewalls and NT4 
service pack 6
servers (3 different NT servers so far).  One of our partners 
upgraded to
SP6 last weekend and ftp transfers that had been running 
flawlessly are now
hanging.  I don't know if this happens to all NT4 SP6 servers 
we connect 
to,
but it does seem to be a pattern.

I have been working with Axent support on this, but they are 
having trouble
recreating the problem.  If you can answer any of these 
questions, I would
appreciate a response.

1) Any other Axent Raptor users out there that are 
experiencing similar
problems?

2) Has anyone other than Raptor users had similar problems 
communicating
with NT4 SP6 servers?

3) Does anyone know of specific changes made in NT service pack 6 as
pertains to their TCP/IP stack?

Thanks.
- - - - - - - - - -
Bob Wildt
UNIX and Mainframe Systems
Koch Industries Inc.
wildtb () kochind com
316-828-6970



* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
* This list is sponsored by FireTower, Inc. -- Security Consulting
*
* Before posting, please check the following resources:
*    Patches/Hotfixes... http://www.raptor.com/cs/patches/
*    Raptor FAQs........ http://www.raptor.com/cs/FAQ/
*    FireTower FAQs..... http://www.firetower.com/faqs/
*    List Archives...... http://firetower.com/archives.html
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards



_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: