From: Kurt Kruegel (kurt@cybernex.net)
Date: Sun Nov 09 2003 - 23:45:20 GMT-3
The first one permits packets with the ACK bit set,
meaning they are part of an already "established"
TCP session.
The second: you are allowing packets with the SYN
bit set,
meaning you are allowing all TCP handshakes to be started.
----- Original Message -----
From: "Peng Zheng" <zpnist@yahoo.com>
To: <ccielab@groupstudy.com>
Sent: Sunday, November 09, 2003 2:21 PM
Subject: What's the difference between these two?
> access-list 100 deny tcp any any established
> access-list 100 permit tcp any any
>
> and
>
> access-list 100 permit tcp any any syn
>
>
> Thanks.
This archive was generated by hypermail 2.1.4 : Fri Dec 12 2003 - 12:29:09 GMT-3
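The two access lists from the question, evaluated against a few TCP flag combinations (an added example, not part of the original thread). It assumes the IOS semantics where `established` matches a segment with ACK or RST set and `syn` matches a segment with SYN set; the names `ACL_A`, `ACL_B`, `evaluate` and `compare`, and the sample segments, are constructed for illustration.

```python
# TCP flag bits as laid out in the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def established(flags):
    # Assumed IOS meaning of "established": ACK or RST is set.
    return bool(flags & (ACK | RST))

def syn(flags):
    # Assumed IOS meaning of "syn": SYN is set, other bits ignored.
    return bool(flags & SYN)

def any_tcp(flags):
    return True

# access-list 100 deny tcp any any established
# access-list 100 permit tcp any any
ACL_A = [("deny", established), ("permit", any_tcp)]

# access-list 100 permit tcp any any syn
ACL_B = [("permit", syn)]

def evaluate(acl, flags):
    """First matching entry wins; no match falls to the implicit deny."""
    for action, match in acl:
        if match(flags):
            return action
    return "deny"

# Constructed sample segments (flag combinations only).
SAMPLES = {
    "SYN": SYN,                  # first packet of a handshake
    "SYN+ACK": SYN | ACK,        # responder's handshake reply
    "ACK": ACK,                  # ordinary data/ack segment
    "RST": RST,                  # reset
    "FIN+ACK": FIN | ACK,        # normal close
    "FIN only": FIN,             # abnormal: no ACK on a close
    "no flags": 0,               # abnormal: null segment
}

def compare():
    """Return {segment: (result under ACL_A, result under ACL_B)}."""
    return {name: (evaluate(ACL_A, f), evaluate(ACL_B, f))
            for name, f in SAMPLES.items()}

if __name__ == "__main__":
    for name, (a, b) in compare().items():
        print(f"{name:9} first ACL: {a:6}  second ACL: {b}")
```

Under these assumptions the lists agree on a bare SYN and on ACK, RST and FIN+ACK, and differ on SYN+ACK and on segments carrying neither SYN, ACK nor RST.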