[120940] in North American Network Operators' Group
RE: I don't need no stinking firewall!
daemon@ATHENA.MIT.EDU (Brandon M. Lapointe)
Wed Jan 6 12:19:46 2010
Date: Wed, 6 Jan 2010 11:18:55 -0600
In-Reply-To: <2873f3701001060849o68f0ff91n47e21e9ca54a235f@mail.gmail.com>
From: "Brandon M. Lapointe" <brandon@shrader.net>
To: "David Hiers" <hiersd@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
-----Original Message-----
From: David Hiers [mailto:hiersd@gmail.com]
Sent: Wednesday, January 06, 2010 10:50 AM
To: Brian Johnson
Cc: nanog@nanog.org
Subject: Re: I don't need no stinking firewall!
>Poking the dragon a bit, aren't you? Fun.
>If you really look at it, there is no quantitative difference between
>stateful and non-stateful. A non-stateful firewall can prevent a
>TCP session from entering the SYN_RECEIVED state by blocking the SYN
>packet, so it strongly impacts session state without really trying. A
>stateful firewall will venture a bit deeper into the state diagram
>with a few more rules, but this is mostly a quantitative difference
>when viewed at a behavioral level -snip-
>David
+1
As mentioned before, the line has substantially blurred with what
current devices (routers/load balancers) can do in hardware.
Brandon L.
On Tue, Jan 5, 2010 at 12:16 PM, Brian Johnson <bjohnson@drtel.com> wrote:
> Security Gurus, et al,
>
> I have my own idea of what a firewall is and what it does. I also
> understand what stateful packet inspection is and what it does. Given
> this information, and not prejudging any responses, exactly what is a
> firewall for and when is stateful inspection useful?
>
> Please respond on-list as I want to have some useful discourse and
> discussion in the clear. Flamers and Trolls will be disregarded. :)
>
> Thank you.
>
> - Brian