Source port filtering is most interesting when the source system is a
system under your control. I use source port filtering to control packets
outbound from the network under my control. I use it for controlling TCP
traffic in *both* directions. Being a "belt and suspenders" person, I
prefer to control the flow of traffic both inbound and outbound. For that
I want source port filtering for packets outbound from my network.

No, I do not trust the source port value in a packet coming in from the
larger Internet and I therefore agree with the gentleman from cisco that
source port is of considerably less interest for use with packets coming
from hosts not within my control.

Brian Lloyd, President          Lloyd Internetworking
brian@lloyd.com                 3031 Alhambra Drive
(916) 676-1147 - voice          Suite 102
(916) 676-3442 - fax            Cameron Park, CA 95682