"established" maximizes client system security

Discussion in 'Computer Security' started by The Dude, Aug 24, 2006.

  1. The Dude

    The Dude Guest

    Learning about named ACL, I came across a scenario where it suggests to
    "use the _established_ keyword to maximize client system security. It will
    allow host clients to receive traffic from sources that were sent TCP
    request".

    Example:

    router (config)# ip access-list extended myacl
    router (config-ext-nacl)# permit tcp 0.0.0.0 255.255.255.255 192.168.12.0 0.0.0.255 established


    Any link, feedback, explanation, will be greatly appreciated!

    The Dude
    The Dude, Aug 24, 2006
    #1

  2. The Dude

    The Dude Guest

    I guess security people do not have deep knowledge of ACL.

    "The Dude" <The > wrote in message
    news:qRlHg.463847$IK3.268034@pd7tw1no...
    > Learning about named ACL, I came across a scenario where it suggests
    > to "use the _established_ keyword to maximize client system security. It
    > will allow host clients to receive traffic from sources that were sent TCP
    > request".
    >
    > Example:
    >
    > router (config)# ip access-list extended myacl
    > router (config-ext-nacl)# permit tcp 0.0.0.0 255.255.255.255 192.168.12.0 0.0.0.255 established
    >
    >
    > Any link, feedback, explanation, will be greatly appreciated!
    >
    > The Dude
    >
    >
    >
    The Dude, Aug 30, 2006
    #2

  3. The Dude wrote:
    > I guess security people do not have deep knowledge of ACL.
    >
    > "The Dude" <The > wrote in message
    > news:qRlHg.463847$IK3.268034@pd7tw1no...
    >> Learning about named ACL, I came across a scenario where it suggests
    >> to "use the _established_ keyword to maximize client system security. It
    >> will allow host clients to receive traffic from sources that were sent TCP
    >> request".
    >>
    >> Example:
    >>
    >> router (config)# ip access-list extended myacl
    >> router (config-ext-nacl)# permit tcp 0.0.0.0 255.255.255.255 192.168.12.0 0.0.0.255 established
    >>
    >>
    >> Any link, feedback, explanation, will be greatly appreciated!
    >>
    >> The Dude
    >>


    have a look at http://www.netcraftsmen.net/welcher/papers/reflexiveacl.html

    period.

    D.
    Daniel Drozdzewski, Sep 18, 2006
    #3
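
Added example, not part of any post in this thread: a small Python model of what the `established` ACL entry quoted above matches, next to a session-tracking filter of the kind the linked reflexive ACL paper covers. It relies on the documented IOS behaviour that `established` matches TCP segments with the ACK or RST bit set; `SessionFilter`, the addresses and the ports are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

ACK, RST, SYN = 0x10, 0x04, 0x02   # TCP header flag bits

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: a 1 bit means 'ignore this bit of the address'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def acl_established(seg):
    """permit tcp 0.0.0.0 255.255.255.255 192.168.12.0 0.0.0.255 established,
    followed by the implicit deny that ends every ACL."""
    return (wildcard_match(seg.src, "0.0.0.0", "255.255.255.255")
            and wildcard_match(seg.dst, "192.168.12.0", "0.0.0.255")
            and bool(seg.flags & (ACK | RST)))   # header flags only, no state

class SessionFilter:
    """Hypothetical stateful contrast: remember flows the clients opened."""
    def __init__(self):
        self.flows = set()
    def outbound(self, seg):
        self.flows.add((seg.dst, seg.dport, seg.src, seg.sport))
    def inbound_permitted(self, seg):
        return (seg.src, seg.sport, seg.dst, seg.dport) in self.flows

# Constructed sample traffic (not taken from the thread)
CLIENT_SYN = Segment("192.168.12.10", 40000, "203.0.113.5", 80, SYN)
SERVER_SYNACK = Segment("203.0.113.5", 80, "192.168.12.10", 40000, SYN | ACK)
INBOUND_SYN = Segment("198.51.100.9", 4444, "192.168.12.10", 22, SYN)
UNSOLICITED_ACK = Segment("198.51.100.9", 4444, "192.168.12.10", 22, ACK)

def demo():
    """Return {name: (established_acl_permits, session_filter_permits)}."""
    sf = SessionFilter()
    sf.outbound(CLIENT_SYN)            # the client opens one connection
    cases = [("synack_reply", SERVER_SYNACK), ("inbound_syn", INBOUND_SYN),
             ("unsolicited_ack", UNSOLICITED_ACK)]
    return {n: (acl_established(s), sf.inbound_permitted(s)) for n, s in cases}

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The last case is the caveat to "maximizes client system security": the entry blocks new inbound connection attempts, but it cannot tell a real reply from any other segment carrying ACK, which is the gap session-aware filtering closes.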