Re: Stateful firewalls and dynamic routing question.

I asked the question because it was a question on one of my networking
assignments. I didn't realize it was a trick question until it was
clarified. I never isuggested that *you* were the one who suggested
this. I wasn't looking for a free answer either. I was just wanted
some clarification. I appreciate your thorough replies as they did
help. Thanks

On Oct 17, 2:34 pm, Jeroen Geilman <n...@xxxxxxx> wrote:
abstractclass wrote:
This is what I understand so far:

A stateful firewall looks at an incoming packet, compares the IP and
ports to its ACL and logs the source & destination IP and source &
destination port # of an incoming connection in its state table to
allow an connection to enter the network.IF it passes the ACL, else it forgets about it (possibly logs a DENY.)

Dynamic routing causes the routing of packets to change based on the
network traffic load etc., yet the src/dest IP address never change in
these packets, even if the routing should change.

Looking at those two facts, I still don't see how dynamic routing can
cause problems for a stateful firewall if the firewall only looks at IP
and port numbers. I can't find anything in my book or on the internet
that mentions anything about problems with dynamic routing and stateful
firewalls.Then why did you ask the question ?
You make it sound as though *I* were the one to suggest this - yet that
question it is the first line in your original post...

My answer was:
>> For a pure firewall, no problems exist with respect to routing -
>> dynamic or otherwise.

J.

.

Relevant Pages

  • Re: Cant ping xp machine
    ... would check the routing table or use tarcert command to find where ping go ... Networking, Internet, Routing, VPN Troubleshooting on ... Next I thought there was a firewall issue on #1. ...
    (microsoft.public.windowsxp.network_web)
  • WinXP Professional "Firewall"
    ... saw blades, drill bits, etc.). ... all sorts of lofty claims during our initial phone conversation basically ... had to collaborate to make networking and the internet what it is today. ... expected me to be honestly impressed) that he had a FIREWALL installed. ...
    (comp.security.firewalls)
  • [SLE] 9.1 masquerading and firewall oddities
    ... I'm having troubles getting networking set up correctly in my fresh new ... I've found if I configure the Firewall for forwarding and masquerading and ... while the ppp connection is active everything ... I have a hotplug script for my ADSL modem that calls cinternet so the internet ...
    (SuSE)
  • Re: More on garbage
    ... Are you implicitly assuming that the firewall implementor ... specify their networking properties in detail. ... It is very common for the action of opening or closing a port to ... Polite words fail me. ...
    (sci.crypt)
  • Re: DNS but No Web
    ... Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net ...
    (microsoft.public.windows.server.networking)
Loading