Darksat IT Security Forums
June 24, 2019, 06:14:19 pm
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Darksat IT Security Forum
From Firewall Support, AntiVirus Questions, Spyware problems, Linux and Windows Security, Black Hat SEO right down to Website Design and Multimedia
 
  Home Help Search Gallery Links Staff List Login Register  

Is your Firewall statefull ?


Pages: [1]
  Print  
Author Topic: Is your Firewall statefull ?  (Read 1221 times)
Darksat
Administrator
Master
*******
Posts: 3303



View Profile WWW
« on: August 24, 2006, 04:13:43 am »

Ok today we are going to cover the advantages of a statefull firewall over a non statefull firewall.
The advantages of a statefull firewall are very big.
I can stealth scan an entire network through a non statefull firewall using the Ack scan method, shut it down remotely, or even crash the target machine.
Non statefull firewalls can be shut down by flooding them with ack packets, where as statefull firewalls have an inbuilt memory that records all outgoing Syn packets and only accepts ack packets if they match up the Ip for the SYn packets.

Stateless firewalls are called so because it has no memory of context for connection states.
 Each connection through it is a new connection, however a stateful firewall remembers the context of connections and continuously updates this state information in dynamic connection tables.
This can be a very good thing because a hacker trying to gain access through a firewall has less chance of forging entry as part of a valid series of connections because the context shows that the additional connection does not make sense in the context of the legitimate user.
Saying that though some statefull firewalls can be crashed by using a syn overflow in an attempt to overload the dynamic connection table.
although a good statefull firewall should be immune to such attacks.
« Last Edit: August 24, 2006, 04:19:33 am by Darksat » Report Spam   Logged

solidghost
Master
*****
Posts: 737



View Profile
« Reply #1 on: August 25, 2006, 08:45:39 am »

SO it's very likely that those consumer grade routers that is available in the market are stateless right ?
Report Spam   Logged
Darksat
Administrator
Master
*******
Posts: 3303



View Profile WWW
« Reply #2 on: August 25, 2006, 09:44:38 am »

It depends on the router.
With regards Wifi Routers.
Most WIFI  B series (if not all)are stateless.
A lot of G series ones though have some form of SPI (statefull packet inspection)
All Nat firewalls have BASIC statefull inspection but proper SPI routers are much more secure.
Report Spam   Logged

Pages: [1]
  Print  
 
Jump to:  

Powered by EzPortal
eXTReMe Tracker
Security Forum
Bookmark this site! | Upgrade This Forum
SMF For Free - Create your own Forum

Buy traffic for your forum/website
Powered by SMF | SMF © 2016, Simple Machines
Privacy Policy
Page created in 0.047 seconds with 13 queries.