Frozen Fido : RU.UNIX.BSD : Re: Passive FTP

ru.unix.bsd

 
 - RU.UNIX.BSD ------------------------------------------------------------------
 From : Victor Sudakov                       2:5020/400     24 Aug 2005  07:07:14
 To : Gleb Smirnoff
 Subject : Re: Passive FTP
 --------------------------------------------------------------------------------

 u>
 
 From: Victor Sudakov <vas@mpeks.tomsk.su>
 
 Gleb Smirnoff wrote:
 
 >>>>> есть pf, есть ipfw2 которые понимают, что такое statefull
 >>> 
 >>> VS> Понимание ipfw очень примитивно. Hазвать это stateful inspection
 >>> VS> можно только издеваясь. Оно даже дырочку для простой TCP сессии
 >>> VS> закрывает по таймауту, вместо отслеживания состояния соединения.
 >>> 
 >>> Ссылку на код будем давать? Я вот вижу обратное.
 > 
 > VS> Какой код?
 > 
 > Код на языке Це. В файле ip_fw2.c.
 
 Как видно из дальнейшего письма, прекрасно обошлись и без.
 
 [dd]
 
 > VS> Или мои сведения устарели и динамические правила нынче протухают не по
 > VS> таймауту?
 > 
 >  По таймауту. Грубо говоря, ваше утверждение выше верно. Hо дело в том,
 > что таймаут меняется в зависимости от текущего состояния TCP сессии.
 > Поэтому, если выражаться точно, то утверждение выше не верно.
 
 Поправка принимается. Признаю, что думал об ipfw хуже, чем он того
 заслуживает.
 
 > 
 > Предвосхищая дальнейшую дискуссию, буду утверждать, что если stateful
 > firewall будет удалять state мгновенно по получении RST или FIN пакета,
 > то он будет сильно не прав. Почему так - предлагаю додумать самому.
 
 Ты не профессор, а я не твой студент, поэтому предлагаю оставить
 подобный тон. Ты мне еще домашнее задание дай.
 
 Кстати, CBAC IOS-овый делает именно так - сессия закрывается сразу и
 динамический ACL через несколько секунд удаляется. Проблем пока не замечал.
 
 > 
 > VS> L4 и есть TCP. Впрочем, хоть горшком назови, а нужен МСЭ со знанием
 > VS> протоколов прикладного уровня.
 > 
 > Мне не нужен. Я допускаю, что кому-то нужен.
 
 Я думаю, многим нужен.
 
 -- 
 Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
 2:5005/49@fidonet http://vas.tomsk.ru/
 --- ifmail v.2.15dev5.3
  * Origin: AO "Svyaztransneft", SibPTUS (2:5020/400)

Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор

Тема:	Автор:	Дата:
Re: Passive FTP	Ivan Poplavsky	16 Aug 2005 22:44:21
Re: Passive FTP	Alexey G Misyuremko	23 Aug 2005 11:28:43
Re: Passive FTP	Victor Sudakov	23 Aug 2005 11:52:04
Re: Passive FTP	Alexey G Misyuremko	23 Aug 2005 12:16:45
Re: Passive FTP	Victor Sudakov	23 Aug 2005 13:56:51
Passive FTP	Slawa Olhovchenkov	23 Aug 2005 14:11:28
Re: Passive FTP	Victor Sudakov	23 Aug 2005 15:36:43
Passive FTP	Alex Semenyaka	23 Aug 2005 19:40:46
Re: Passive FTP	Victor Sudakov	24 Aug 2005 06:52:05
Passive FTP	Alex Semenyaka	24 Aug 2005 12:06:04
Passive FTP	Slawa Olhovchenkov	24 Aug 2005 07:42:42
Passive FTP	Vladimir Kurtukov	24 Aug 2005 11:46:37
Passive FTP	Alex Semenyaka	24 Aug 2005 12:19:28
Passive FTP	Slawa Olhovchenkov	25 Aug 2005 09:50:48
Passive FTP	Alex Semenyaka	25 Aug 2005 13:01:16
Passive FTP	Slawa Olhovchenkov	25 Aug 2005 16:10:20
Passive FTP	Alex Semenyaka	25 Aug 2005 17:28:16
Passive FTP	Slawa Olhovchenkov	25 Aug 2005 22:30:26
Passive FTP	Slawa Olhovchenkov	24 Aug 2005 07:13:28
Re: Passive FTP	Victor Sudakov	24 Aug 2005 09:22:10
Re: Passive FTP	Spartak Radchenko	23 Aug 2005 14:39:51
Re: Passive FTP	Gleb Smirnoff	23 Aug 2005 16:40:52
Re: Passive FTP	Victor Sudakov	23 Aug 2005 21:16:57
Re: Passive FTP	Gleb Smirnoff	23 Aug 2005 23:04:53
Re: Passive FTP	Victor Sudakov	24 Aug 2005 06:42:02
Re: Passive FTP	Gleb Smirnoff	24 Aug 2005 11:50:30
Passive FTP	Alex Semenyaka	24 Aug 2005 12:22:56
Re: Passive FTP	Alexey G Misyuremko	24 Aug 2005 14:15:54
Re: Passive FTP	Victor Sudakov	24 Aug 2005 14:32:09
Re: Passive FTP	Alexey G Misyuremko	24 Aug 2005 14:48:31
Passive FTP	Alex Semenyaka	24 Aug 2005 17:10:16
Passive FTP	Slawa Olhovchenkov	24 Aug 2005 07:45:42
Re: Passive FTP	Gleb Smirnoff	23 Aug 2005 16:39:18
Re: Passive FTP	Alexey G Misyuremko	23 Aug 2005 17:02:32
Re: Passive FTP	Victor Sudakov	23 Aug 2005 21:16:58
Re: Passive FTP	Gleb Smirnoff	23 Aug 2005 23:14:33
Re: Passive FTP	Victor Sudakov	24 Aug 2005 07:07:14
Re: Passive FTP	Gleb Smirnoff	24 Aug 2005 11:56:36
Re: Passive FTP	Victor Sudakov	24 Aug 2005 13:06:53
Re: Passive FTP	Gleb Smirnoff	24 Aug 2005 13:57:57
Re: Passive FTP	Alexey G Misyuremko	24 Aug 2005 14:18:28
Passive FTP	Alex Semenyaka	24 Aug 2005 13:07:46
Re: Passive FTP	Gleb Smirnoff	24 Aug 2005 15:04:10
Passive FTP	Alex Semenyaka	24 Aug 2005 17:00:16
Re: Passive FTP	Gleb Smirnoff	25 Aug 2005 12:10:00
Passive FTP	Alex Semenyaka	24 Aug 2005 13:03:28
Re: Passive FTP	Gleb Smirnoff	24 Aug 2005 15:00:08
Passive FTP	Alex Semenyaka	24 Aug 2005 16:46:14
Re: Passive FTP	Gleb Smirnoff	25 Aug 2005 12:05:49
Passive FTP	Alex Semenyaka	25 Aug 2005 13:06:06
Re: Passive FTP	Gleb Smirnoff	25 Aug 2005 17:05:45
Passive FTP	Alex Semenyaka	25 Aug 2005 17:57:42
Re: Passive FTP	Eugene Grosbein	25 Aug 2005 23:04:05
Passive FTP	Alex Semenyaka	25 Aug 2005 21:52:48
Re: Passive FTP	Eugene Grosbein	26 Aug 2005 09:16:42
Passive FTP	Alex Semenyaka	26 Aug 2005 12:14:08
Re: Passive FTP	Eugene Grosbein	26 Aug 2005 18:17:57
Passive FTP	Alex Semenyaka	26 Aug 2005 17:27:06
Re: Passive FTP	Eugene Grosbein	26 Aug 2005 22:21:02
Passive FTP	Alex Semenyaka	26 Aug 2005 20:21:04
Re: Passive FTP	Eugene Grosbein	27 Aug 2005 02:13:20
Passive FTP	Alex Semenyaka	27 Aug 2005 13:54:36
Re: Passive FTP	Eugene Grosbein	28 Aug 2005 17:29:28
Passive FTP	Alex Semenyaka	28 Aug 2005 17:01:16
Re: Passive FTP	Eugene Grosbein	28 Aug 2005 23:31:31
Passive FTP	Alex Semenyaka	29 Aug 2005 13:16:40
Re: Passive FTP	Eugene Grosbein	29 Aug 2005 22:53:05
Passive FTP	Alex Semenyaka	30 Aug 2005 13:05:48
Re: Passive FTP	Sergey Skvortsov	26 Aug 2005 16:27:19
Passive FTP	Alex Semenyaka	26 Aug 2005 17:58:10
Re: Passive FTP	Sergey Skvortsov	26 Aug 2005 23:39:28
Passive FTP	Alex Semenyaka	27 Aug 2005 14:15:52
Passive FTP	Slawa Olhovchenkov	27 Aug 2005 19:31:30
Re: Passive FTP	Kirill Ponomarew	27 Aug 2005 22:30:31
Re: Passive FTP	Sergey Skvortsov	30 Aug 2005 13:59:05
Passive FTP	Alex Semenyaka	30 Aug 2005 16:05:26
Re: Passive FTP	Sergey Skvortsov	30 Aug 2005 18:15:14
Passive FTP	Alex Semenyaka	30 Aug 2005 21:22:00
Re: Passive FTP	Paul Argentoff	30 Aug 2005 18:38:52
Passive FTP	Alex Semenyaka	30 Aug 2005 21:25:06
Re: Passive FTP	Gleb Smirnoff	26 Aug 2005 16:36:23
Passive FTP	Alex Semenyaka	26 Aug 2005 18:22:00
Re: Passive FTP	Eugene Grosbein	27 Aug 2005 02:15:57
Passive FTP	Alex Semenyaka	27 Aug 2005 14:09:36
Re: Passive FTP	Eugene Grosbein	28 Aug 2005 17:32:02
Passive FTP	Alex Semenyaka	28 Aug 2005 17:04:20
Re: Passive FTP	Valentin Davydov	28 Aug 2005 19:50:28
Re: Passive FTP	Kirill Ponomarew	28 Aug 2005 20:40:25
Passive FTP	Slawa Olhovchenkov	30 Aug 2005 16:00:50
Re: Passive FTP	Valentin Nechayev	30 Aug 2005 16:20:19
Passive FTP	Slawa Olhovchenkov	30 Aug 2005 16:30:24
Re: Passive FTP	Gleb Smirnoff	30 Aug 2005 17:56:48
Passive FTP	Alex Semenyaka	28 Aug 2005 19:20:52
Re: Passive FTP	Paul Argentoff	30 Aug 2005 15:35:32
Re: Passive FTP	Eugene Grosbein	30 Aug 2005 19:10:13
Re: Passive FTP	Paul Argentoff	30 Aug 2005 16:36:40
Re: Passive FTP	Eugene Grosbein	30 Aug 2005 20:22:30
Re: Passive FTP	Paul Argentoff	30 Aug 2005 18:26:19
Re: Passive FTP	Eugene Grosbein	30 Aug 2005 22:38:04
Re: Passive FTP	Paul Argentoff	31 Aug 2005 10:06:30
Re: Passive FTP	Paul Argentoff	31 Aug 2005 10:10:49
Passive FTP	Max Khon	31 Aug 2005 14:34:38
Re: Passive FTP	Eugene Grosbein	31 Aug 2005 16:32:13
Re: Passive FTP	Gleb Smirnoff	31 Aug 2005 12:58:43
Passive FTP	Slawa Olhovchenkov	31 Aug 2005 13:08:42
Re: Passive FTP	Gleb Smirnoff	31 Aug 2005 13:32:41
Re: Passive FTP	Andrew Filonov	31 Aug 2005 18:39:40
Re: Passive FTP	Paul Argentoff	30 Aug 2005 18:27:49
Re: Passive FTP	Eugene Grosbein	30 Aug 2005 22:53:56
Passive FTP	Alex Semenyaka	30 Aug 2005 21:53:54
Re: Passive FTP	Eugene Grosbein	31 Aug 2005 11:35:07
Passive FTP	Alex Semenyaka	30 Aug 2005 22:00:42
Re: Passive FTP	Paul Argentoff	31 Aug 2005 10:26:46
Re: Passive FTP	Paul Argentoff	31 Aug 2005 10:21:18
Passive FTP	Alex Semenyaka	30 Aug 2005 21:34:56
Re: Passive FTP	Eugene Grosbein	31 Aug 2005 08:54:08
Passive FTP	Alex Semenyaka	31 Aug 2005 22:31:26
Passive FTP	Alex Semenyaka	31 Aug 2005 22:41:18
Passive FTP	Alex Semenyaka	01 Sep 2005 01:29:58
Passive FTP	Alex Semenyaka	30 Aug 2005 21:31:10
Re: Passive FTP	Eugene Grosbein	31 Aug 2005 08:53:41
Passive FTP	Max Khon	31 Aug 2005 14:31:48
Re: Passive FTP	Eugene Grosbein	31 Aug 2005 16:28:14
Passive FTP	Alex Semenyaka	31 Aug 2005 22:26:06
Re: Passive FTP	Moderator of RU.UNIX.BSD	31 Aug 2005 23:54:16
Re: Passive FTP	Eugene Grosbein	01 Sep 2005 09:28:29
Passive FTP	Alex Semenyaka	01 Sep 2005 10:26:30
Re: Passive FTP	Eugene Grosbein	01 Sep 2005 16:50:38
Passive FTP	Max Khon	01 Sep 2005 15:49:14
Re: Passive FTP	Eugene Grosbein	01 Sep 2005 19:04:17
Passive FTP	Alex Semenyaka	31 Aug 2005 22:41:22
Passive FTP	Alex Semenyaka	01 Sep 2005 01:29:56
Re: Passive FTP	Gleb Smirnoff	30 Aug 2005 17:54:17
Passive FTP	Alex Semenyaka	30 Aug 2005 21:37:12
Re: Passive FTP	Gleb Smirnoff	31 Aug 2005 13:16:39
Passive FTP	Alex Semenyaka	31 Aug 2005 23:28:58
Re: Passive FTP	Gleb Smirnoff	01 Sep 2005 04:22:42
Re: Passive FTP	Valentin Nechayev	01 Sep 2005 10:54:18
Passive FTP	Slawa Olhovchenkov	01 Sep 2005 11:15:00
Re: Passive FTP	Gleb Smirnoff	01 Sep 2005 11:39:34
Passive FTP	Alex Semenyaka	01 Sep 2005 12:14:42
Passive FTP	Max Khon	01 Sep 2005 16:18:40
Passive FTP	Alex Semenyaka	01 Sep 2005 10:10:12
Re: Passive FTP	Gleb Smirnoff	01 Sep 2005 13:28:41
Passive FTP	Slawa Olhovchenkov	01 Sep 2005 08:39:14
Passive FTP	Alex Semenyaka	01 Sep 2005 10:45:02
Passive FTP	Slawa Olhovchenkov	01 Sep 2005 13:09:44
Passive FTP	Alex Semenyaka	30 Aug 2005 16:18:10
Re: Passive FTP	Paul Argentoff	30 Aug 2005 18:42:52
Passive FTP	Alex Semenyaka	30 Aug 2005 21:25:38
Re: Passive FTP	Paul Argentoff	31 Aug 2005 10:35:31
Passive FTP	Alex Semenyaka	31 Aug 2005 23:15:58
Re: Passive FTP	Paul Argentoff	01 Sep 2005 12:29:05
Passive FTP	Alex Semenyaka	01 Sep 2005 12:56:00
Re: Passive FTP	Paul Argentoff	01 Sep 2005 12:35:58
Passive FTP	Alex Semenyaka	01 Sep 2005 15:02:10
Passive FTP	Ilya Kulagin	31 Aug 2005 12:31:30
Passive FTP	Max Khon	29 Aug 2005 17:43:34
Re: Passive FTP	Eugene Grosbein	28 Aug 2005 23:30:07
Passive FTP	Alex Semenyaka	29 Aug 2005 13:16:12
Re: Passive FTP	Eugene Grosbein	29 Aug 2005 22:50:59
Passive FTP	Alex Semenyaka	30 Aug 2005 13:26:18
Re: Passive FTP	Eugene Grosbein	30 Aug 2005 19:02:03
Passive FTP	Alex Semenyaka	30 Aug 2005 20:51:36
Re: Passive FTP	Eugene Grosbein	31 Aug 2005 13:03:47
Re: Passive FTP	Paul Argentoff	31 Aug 2005 10:54:20
Re: Passive FTP	Eugene Grosbein	31 Aug 2005 14:49:49
Re: Passive FTP	Paul Argentoff	31 Aug 2005 13:06:27
Passive FTP	Alex Semenyaka	31 Aug 2005 23:47:30
Passive FTP	Alex Semenyaka	31 Aug 2005 23:08:28
Re: Passive FTP	Eugene Grosbein	01 Sep 2005 09:55:29
Passive FTP	Alex Semenyaka	01 Sep 2005 10:33:24
Re: Passive FTP	Paul Argentoff	01 Sep 2005 12:11:49
Passive FTP	Alex Semenyaka	01 Sep 2005 15:05:24
Re: Passive FTP	Andrew Filonov	24 Aug 2005 12:36:29
Re: Passive FTP	Victor Sudakov	24 Aug 2005 13:06:53
Passive FTP	Alex Semenyaka	23 Aug 2005 19:45:26
Re: Passive FTP	Gleb Smirnoff	23 Aug 2005 23:19:39
Passive FTP	Alex Semenyaka	23 Aug 2005 22:49:56
Re: Passive FTP	Paul Argentoff	29 Aug 2005 13:44:50
Re: Passive FTP	Valentin Nechayev	29 Aug 2005 14:43:43
Passive FTP	Alex Semenyaka	29 Aug 2005 15:16:40
Re: Passive FTP	Valentin Nechayev	30 Aug 2005 01:51:48
Passive FTP	Alex Semenyaka	30 Aug 2005 13:37:34
Re: Passive FTP	Valentin Nechayev	30 Aug 2005 16:10:09
Passive FTP	Alex Semenyaka	30 Aug 2005 20:59:00
Re: Passive FTP	Valentin Nechayev	30 Aug 2005 16:19:18
Passive FTP	Alex Semenyaka	30 Aug 2005 21:07:42
Passive FTP	Alex Semenyaka	29 Aug 2005 15:09:00
Re: Passive FTP	Valentin Nechayev	29 Aug 2005 14:29:29
Passive FTP	Alex Semenyaka	29 Aug 2005 15:06:54

Архивное /ru.unix.bsd/9167ebb728e2.html, оценка 1 из 5, голосов 10