Re: FW and TCP Sessions

[cs 2004 <cskb2004 () yahoo com>]

Manoj,

That indeed was an intersting observation and I think
your are right.

Statefule firewalls maintain a stateful session flow
table when a client initiates a request, which
contains source, destination addresses, TCP sequencing
information,Port numbers and additional TCP flags for
each connection pertaining to that host and creates a
connection object in the firewall.

All inbound packets are then compared against the
session flows in the connection table to validate the
passage. This connection object is dropped upon
termination of the session. Typically connection
object is hashed on the firewall.

--Chandan

--- Manoj Kumar Neelapareddy
<manojkreddyutl () yahoo com> wrote:
> Hi,
>
> if a FW is said to be a stateful firewall, then will
> it allow a TCP packet to pass through it(outbound),
> if
> i haven't sent a TCP SYN to initiate a TCP Session
> before sending this TCP packet?
>
> I heard that Statefull firewall won't allow any TCP
> packets, other than TCP SYNs to pass through it, if
> there is no session corresponding a TCP packet is
> maintained in FW's session table.
>
> and FW will create a new session only when it
> detects
> a TCP SYN.
>
> is this correct?
>
> comments plz.
>
> thank u
> Manoj
>
>
>       
>               
> __________________________________
> Do you Yahoo!?
> Friends.  Fun.  Try the all-new Yahoo! Messenger.
> http://messenger.yahoo.com/ 
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



        
                
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/ 
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards