Re: Telnet

From: Petr Lapukhov (petrsoft@gmail.com)
Date: Tue Jun 13 2006 - 03:06:16 ART

• Next message: Petr Lapukhov: "Re: my lab experience"
• Previous message: Brian Dennis: "RE: Possible BUG?"
• Maybe in reply to: Sami: "Telnet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Victor, as for "established" keyword:

"..
For the TCP protocol only: Indicates an established connection. A match
occurs if the
TCP datagram has the ACK or RST bits set. The nonmatching case is that of
the initial
 TCP datagram to form a connection.
...
"

Next, there is a new feature in 12.3(4)T o match selected TCP flags:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hiap_c/ch05/haclflg.htm

Also, we have reflexive ACLs and CBAC to play around :)

HTH
Petr

2006/6/13, Victor Cappuccio <cvictor@protokolgroup.com>:
>
> Sorry WBee I erased your email my mistake
> So the established makes sure SYN bit is not on?
>
> access-list 100 permit tcp any any established
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Petr Lapukhov: "Re: my lab experience"
• Previous message: Brian Dennis: "RE: Possible BUG?"
• Maybe in reply to: Sami: "Telnet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Jul 01 2006 - 07:57:32 ART