Firewall Wizards mailing list archives

RE: [fw-wiz] RE: [rapt] FTP problem - Raptor Solaris firewall and NT4 SP6 ftp servers


From: tbh1 <tbh1 () bellsouth net>
Date: Fri, 22 Sep 2000 22:12:17 -0400

I've read those docs before.  I would be hard pressed to figure out what 
files were changed on a system after a service pack has been applied, 
except for digging through lots (and I do mean lots) of documentation or 
looking at the saved files.  Lots of the explanations don't tell you what
file(s) are being changed, etc.

Maybe you have a different impression than I do (or anyone else that I 
know) that the service packs are clearly documented.  I think they are a 
black hole.

It's much easier to understand a Sun patch cluster, for example.   There is 
a patch, and it has an explanation with it as to what module(s) are being 
changed.  And so forth through the set of patches.  Each one can be backed
out on its own if you don't want it, or if it causes a problem with your
software.  Try that with an NT service pack ...

tom Hutton
eCommSecurity

-----Original Message-----
From:   shewitt () cdw com [SMTP:shewitt () cdw com]
Sent:   Friday, September 22, 2000 6:06 PM
To:     tbh1 () bellsouth net
Cc:     firewall-wizards () nfr com
Subject:        RE: [fw-wiz] RE: [rapt] FTP problem - Raptor Solaris firewall and NT4 SP6 ftp servers

Microsoft documents all the changes in each service pack.  It is usually
found on the same page that you access the service pack on.
For instance, on the Service Pack 6a page:
http://www.microsoft.com/ntserver/nts/downloads/recommended/SP6/allSP6.asp

There is a bullet point under "Learn More" with these links:

  List of Bugs Fixed in Windows NT 4.0 Service Pack 6/6a (Part 1)
     http://support.microsoft.com/support/kb/articles/q241/2/11.asp

  List of Bugs Fixed in Windows NT 4.0 Service Pack 6/6a (Part 2)
     http://support.microsoft.com/support/kb/articles/q244/6/90.asp

I hope this helps.

--Scott

-----Original Message-----
From: tbh1 [mailto:tbh1 () bellsouth net]
Sent: Thursday, September 21, 2000 6:08 AM
To: 'Wildt, Bob'; 'raptor-list () firetower com'; 'firewall-wizards () nfr net'
Cc: Moles, Robert
Subject: [fw-wiz] RE: [rapt] FTP problem - Raptor Solaris firewall and NT4 SP6 ftp servers


Bob -

There are documented and admitted TCP stack problems with FIN packets
in 6a (which is I assume what SP you are talking about).  I am not
aware of them issuing a fix for this yet, but I would suspect that
there will be a SP6b sometime soon, as this problem has been known for
at least 90 days.

6 (with no a) is a huge TCP stack mess.  5 has its problems also.  4 is
relatively clean.

Let's not get started about what a piece of crap Win2000 is behind the
scenes.

This discussion should be aimed at Microsoft to document clearly what a
service pack does.  Each one makes hundreds or thousands of changes,
and to this point at least, they will not tell you what all the service
pack changes.

Tom Hutton
eCommSecurity

-----Original Message-----
From: Wildt, Bob [SMTP:WildtB () kochind com]
Sent: Wednesday, September 20, 2000 11:09 AM
To:   'raptor-list () firetower com'; 'firewall-wizards () nfr net'
Cc:   Moles, Robert
Subject:      [rapt] FTP problem - Raptor Solaris firewall and NT4 SP6 ftp servers

I'm looking for anyone else that may be experiencing this problem or
any insight into it.

I have two Axent Raptor firewalls (v5.0.3 and v6.0.2 on Solaris 2.6)
that exhibit this problem.  FTP sessions initiated by the firewall to
NT4 SP6 servers will often hang waiting for a data channel (port 20)
FIN packet.  It appears that the FIN packet is coming out of sequence
when compared to a successful command, which causes the session to
hang.  The problem is intermittent but consistent.  It may fail on the
1st command of a session or on a later command.  It almost always fails
with 6 or 7 commands.

I have the problem only between my Raptor firewalls and NT4 service
pack 6 servers (3 different NT servers so far).  One of our partners
upgraded to SP6 last weekend and ftp transfers that had been running
flawlessly are now hanging.  I don't know if this happens to all NT4
SP6 servers we connect to, but it does seem to be a pattern.

I have been working with Axent support on this, but they are having
trouble recreating the problem.  If you can answer any of these
questions, I would appreciate a response.

1) Any other Axent Raptor users out there that are experiencing similar
problems?

2) Has anyone other than Raptor users had similar problems
communicating with NT4 SP6 servers?

3) Does anyone know of specific changes made in NT service pack 6 as
pertains to their TCP/IP stack?

Thanks.
- - - - - - - - - -
Bob Wildt
UNIX and Mainframe Systems
Koch Industries Inc.
wildtb () kochind com
316-828-6970



* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
* This list is sponsored by FireTower, Inc. -- Security Consulting
*
* Before posting, please check the following resources:
*    Patches/Hotfixes... http://www.raptor.com/cs/patches/
*    Raptor FAQs........ http://www.raptor.com/cs/FAQ/
*    FireTower FAQs..... http://www.firetower.com/faqs/
*    List Archives...... http://firetower.com/archives.html
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

