January 13th, 2010, 08:37 PM
#1
Member
Firewalls blocking SYN packets
Hi again, guys.
I'm currently playing with several of the firewall distros and today came across a problem I don't know how to handle correctly.
I first noticed the issue with Endian (which has a set of pre-defined firewall rules), but after adding some basic rules to Vyatta (namely blocking all outbound TCP except for HTTP(S), IMAP(S), POP3(S), SMTP, DNS), I hit the same query.
One of the sites I visit is HTTPS. I was having difficulty connecting to it. Upon examining the logs, there were some outbound TCP SYN requests that were being blocked, destined for ports 843 and 32256/32257. Allowing these ports out cured the problem.
For future reference, though, rather than open ports (which could vary by the look of it), I was wondering if it was OK to, say, allow all outbound SYN requests from the LAN? Or SYN requests for established connections only? Or am I paving the way to vuln city?
Thanks.
What's your favourite OS?
Seen it. Tried it. Crashed it.
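
The log review described in the post (finding which outbound connection attempts the egress rules dropped) can be done by summarising dropped SYNs per destination and port. This is an added example, not part of the original post: it assumes drops are logged in the Linux netfilter LOG format, and the sample lines, log prefix and addresses are constructed.

```python
import re
from collections import Counter

# Outbound TCP ports the post allows: HTTP(S), IMAP(S), POP3(S), SMTP, DNS.
ALLOWED_TCP = {80, 443, 143, 993, 110, 995, 25, 53}
TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}
FIELD = re.compile(r"(\w+)=(\S*)")

# Constructed sample lines (netfilter LOG format, documentation addresses).
SAMPLE_LOG = """\
Jan 13 20:31:02 fw kernel: [OUT-DROP] IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=51234 DPT=843 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 13 20:31:05 fw kernel: [OUT-DROP] IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=51234 DPT=843 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 13 20:31:09 fw kernel: [OUT-DROP] IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=51240 DPT=32256 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 13 20:31:09 fw kernel: [OUT-DROP] IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=51241 DPT=32257 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 13 20:32:40 fw kernel: [OUT-DROP] IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.10 LEN=52 TTL=63 PROTO=TCP SPT=51200 DPT=443 WINDOW=501 RES=0x00 ACK FIN URGP=0
Jan 13 20:33:00 fw kernel: [OUT-DROP] IN=eth1 OUT=eth0 SRC=192.168.1.21 DST=198.51.100.5 LEN=76 TTL=63 PROTO=UDP SPT=123 DPT=123 LEN=56
"""


def parse_tcp(line):
    """Return (src, dst, dport, flags) for a TCP log line, else None."""
    fields = dict(FIELD.findall(line))
    if fields.get("PROTO") != "TCP" or not fields.get("DPT", "").isdigit():
        return None
    # Flags are logged as bare tokens (e.g. "SYN", "ACK FIN"), not KEY=VALUE.
    flags = TCP_FLAGS.intersection(line.split())
    return fields.get("SRC"), fields.get("DST"), int(fields["DPT"]), flags


def blocked_new_connections(log_text, allowed=ALLOWED_TCP):
    """Count dropped connection attempts per (dst, port) outside the allow-list.

    A connection attempt is a segment with SYN set and none of ACK/RST/FIN,
    so retransmitted SYNs raise the count while stray teardown packets do not.
    """
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_tcp(line)
        if rec is None:
            continue
        _src, dst, dport, flags = rec
        if "SYN" in flags and not flags & {"ACK", "RST", "FIN"} and dport not in allowed:
            hits[(dst, dport)] += 1
    return hits


if __name__ == "__main__":
    for (dst, dport), n in sorted(blocked_new_connections(SAMPLE_LOG).items()):
        print(f"{dst}:{dport} blocked SYNs={n}")
```
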