From: Peng Zheng (zpnist@yahoo.com)
Date: Mon Nov 10 2003 - 13:53:03 GMT-3
But in the first one, I use
access-list 100 permit tcp any any
I think it denies UDP as well.
--- Scott Morris <swm@emanon.com> wrote:
> Sort of, kind of, but not necessarily intentionally...
>
> The first one you are denying things with the ACK bit (established) and
> permitting all else (including udp, etc.)
>
> In the second one, you are simply permitting the SYN exchange and
> denying all else (this denies udp, etc.)
>
> So they are a little different, but either one isn't TCP friendly. :)
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Peng Zheng
> Sent: Sunday, November 09, 2003 11:04 PM
> To: Kurt Kruegel; ccielab@groupstudy.com
> Subject: Re: What's the difference between these two?
>
>
> In the first one, I DENIED packets with the ack bit set
> and permit others. I think it's the same as the second one.
>
> --- Kurt Kruegel <kurt@cybernex.net> wrote:
> > the first one permits packets with the ack bit set, meaning they are part of
> > an already "established" tcp session.
> >
> > the second you are allowing packets with syn bit set, meaning you are
> > allowing all tcp handshakes to be started.
> >
> > ----- Original Message -----
> > From: "Peng Zheng" <zpnist@yahoo.com>
> > To: <ccielab@groupstudy.com>
> > Sent: Sunday, November 09, 2003 2:21 PM
> > Subject: What's the difference between these two?
> >
> >
> > > access-list 100 deny tcp any any established
> > > access-list 100 permit tcp any any
> > >
> > > and
> > >
> > > access-list 100 permit tcp any any syn
> > >
> > >
> > > Thanks.
> >
>
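
Added example, not part of the original thread: a small Python model that runs sample packets through the two access lists posted above. It assumes first-match evaluation with an implicit deny at the end, `established` matching TCP segments with ACK or RST set, and `syn` matching TCP segments with SYN set; the function names and sample packets are constructed for illustration.

```python
# Constructed model (not from the thread) of how the two posted ACLs match packets.
# Assumptions: first matching entry wins; an implicit deny ends every ACL;
# "established" matches TCP with ACK or RST set; "syn" matches TCP with SYN set.

ACL_FIRST = [
    ("deny", "tcp", "established"),  # access-list 100 deny tcp any any established
    ("permit", "tcp", None),         # access-list 100 permit tcp any any
]
ACL_SECOND = [
    ("permit", "tcp", "syn"),        # access-list 100 permit tcp any any syn
]

def entry_matches(entry, proto, flags):
    """Return True if one ACL entry matches the packet's protocol and TCP flags."""
    _action, ace_proto, keyword = entry
    if ace_proto != proto:
        return False
    if keyword == "established":
        return bool(flags & {"ACK", "RST"})
    if keyword == "syn":
        return "SYN" in flags
    return True                      # no flag keyword: any packet of this protocol

def evaluate(acl, proto, flags=()):
    """Walk the ACL top-down and return the action of the first matching entry."""
    flags = set(flags)
    for entry in acl:
        if entry_matches(entry, proto, flags):
            return entry[0]
    return "deny"                    # implicit deny at the end of the list

# Constructed sample packets: (protocol, TCP flags set)
SAMPLES = {
    "tcp SYN":      ("tcp", {"SYN"}),
    "tcp SYN+ACK":  ("tcp", {"SYN", "ACK"}),
    "tcp ACK":      ("tcp", {"ACK"}),
    "tcp RST":      ("tcp", {"RST"}),
    "tcp FIN only": ("tcp", {"FIN"}),
    "udp":          ("udp", set()),
}

def compare():
    """Map each sample to (verdict under first ACL, verdict under second ACL)."""
    return {name: (evaluate(ACL_FIRST, p, f), evaluate(ACL_SECOND, p, f))
            for name, (p, f) in SAMPLES.items()}

if __name__ == "__main__":
    for name, (first, second) in compare().items():
        print(f"{name:13} first={first:6} second={second}")
```

Under these assumptions the two lists give the same verdict for a bare SYN, ACK, RST and UDP, and differ for SYN+ACK and for TCP segments that carry none of ACK, RST or SYN.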