 | ||
 Drop out of state TCP packets | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2007-06-08 | |||
| |||
 Drop out of state TCP packets Hello Team, When we uncheck the option " Drop out of state TCP packets " in the global properties in smartdashboard, would it have any negative security impacts. Best Regards, Prasanth K Das  |
| 2007-06-10 | |||
| |||
| Re: Drop out of state TCP packets I guess a good question would be what are you looking to gain by turning off the firewall's ability to detect packets that are out of sequence and don't follow the proper TCP negotiation tactics? Is this causing problems? Chilljim is right - if you turn this functionality off you take away the firewalls ability to perform much "smart" analysis of the packets and are just running the traffic through the rules you have created. I ran into an issue where there was a lot of bad programs running on our corporate network (didn't follow any standards for using network communication) and would get these kinds of messages from the firewall. The users would restart their applications and everything would work fine. |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
