Greetings, Gordon!
On Tue, 6 Jan 1998 16:37:03 -0500
Gordon LaSane <glasane @ gdsconnect . com> wrote:
| One of the biggest complaints about stateful inspection is that if the
| state table becomes corrupt, the network could become vulnerable to the
| outside.
You surely haven't had a look inside stateful inspection firewalls, have
you? You have to distinguish between two possibilities on how tables
can become corrupt:
1.) accidentally deleted entries
2.) forged entries
Accidentally deleted entries only have one effect: active connections
become inactive and therefore further packets belonging to these
connections could no longer traverse the firewall.
Forged entries may have the effect you described. But this is a point
where we discuss the security of the firewall itself and not the
security services a firewall should provide for networks.
|
| [snipped commercial offerings]
|
Regards,
Oliver Lau
[CTO]
Sauer und Partner GmbH, NetzwerkTechnologie und Sicherheit
Dietrich-Bonhoeffer-Strasse 1-3, 35037 Marburg, Germany
fon: +49 6421 938300, fax: +49 6421 938390, URL: http://www.skp.de/
PGP-Fingerprint: 6696 C8B6 F351 A381 D1C9 BC41 98F2 6DE3
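
The two cases from the message above, in a toy model of a state table. This is an added example, not part of the original message or any firewall product's code; the StatefulFilter class, the allow-all-outbound policy and the addresses are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    inbound: bool  # True when the packet arrives on the outside interface


class StatefulFilter:
    """Toy model: outbound packets create state, inbound packets require it."""

    def __init__(self):
        # Entries are (inside_ip, inside_port, outside_ip, outside_port).
        self.table = set()

    def key(self, p):
        if p.inbound:
            return (p.dst, p.dport, p.src, p.sport)
        return (p.src, p.sport, p.dst, p.dport)

    def handle(self, p):
        if not p.inbound:
            self.table.add(self.key(p))  # assumed policy: all outbound allowed
            return "ACCEPT"
        return "ACCEPT" if self.key(p) in self.table else "DROP"


def demo():
    fw = StatefulFilter()
    out = Packet("10.0.0.5", 40000, "192.0.2.10", 80, inbound=False)
    reply = Packet("192.0.2.10", 80, "10.0.0.5", 40000, inbound=True)
    results = {}
    fw.handle(out)
    results["reply_with_state"] = fw.handle(reply)
    # Case 1: the entry is accidentally deleted -> the connection goes dead.
    fw.table.discard(fw.key(out))
    results["reply_after_delete"] = fw.handle(reply)
    # Case 2: an entry exists that no outbound packet ever created.
    unsolicited = Packet("198.51.100.7", 4444, "10.0.0.9", 22, inbound=True)
    results["unsolicited_before"] = fw.handle(unsolicited)
    fw.table.add(("10.0.0.9", 22, "198.51.100.7", 4444))  # constructed entry
    results["unsolicited_with_forged_entry"] = fw.handle(unsolicited)
    return results


if __name__ == "__main__":
    print(demo())
```

Losing an entry makes the filter drop traffic it previously passed; only write access to the table itself changes what is admitted.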