Firewall settings - incomplete TCP/UDP sessions

Posted by Bondi (Class-1) on January 24, 2007, 3:49 am
Hello,

I've had increasing problems with my h/w firewall over the past weeks
due to 'syn flood to host (outbound)' problems.
Turns out my modded version of Firefox triggers the f/w to hysterically
shut down the connection (flood control).
(I still don't know why this has only recently become a problem, as
I've made NO h/w or s/w changes, and have no viruses/spyware.)

I've basically tried to desensitise the f/w by adjusting:
'Maximum incomplete TCP/UDP sessions number from same host', (which was
originally 10) to 50 (max). This seems to work for the moment.

I don't want to set this too high, leaving my network vulnerable to DoS
attacks, but I also don't want my surfing restricted by my own
firewall(!)
What is the correct (permissible) maximum value I should have this set
to?


Posted by Sebastian Gottschalk on January 24, 2007, 4:00 am
Bondi (Class-1) wrote:

> I've basically tried to desensitise the f/w by adjusting:
> 'Maximum incomplete TCP/UDP sessions number from same host', (which was
> originally 10) to 50 (max). This seems to work for the moment.
>
> I don't want to set this too high, leaving my network vulnerable to DoS
> attacks,

Huh? Now that's technical nonsense. I really fail to see any such DoS
condition due to allowing as many connections as you want and need, and
neither do I have any technical reference that anyone ever mentioned such a
scenario.

And in fact you'd rather DoS yourself with a too low setting.

> What is the correct (permissible) maximum value I should have this set
> to?

16777215 (2**24-1), the maximum.
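
An added example, not part of either post: one way to measure how many incomplete sessions each internal host actually holds before choosing a per-host limit such as the 10 and 50 discussed above. It assumes connection-table entries in the text layout of Linux `conntrack -L` (the thread does not name the firewall or its log format), that a host trips the limit when its count exceeds it, and the sample entries are constructed.

```python
import re
from collections import Counter

# TCP states in which the three-way handshake has not finished.
HALF_OPEN_TCP = {"SYN_SENT", "SYN_RECV"}
SRC_RE = re.compile(r"\bsrc=(\S+)")

def is_incomplete(line):
    """True for a half-open TCP entry or a UDP flow that got no reply."""
    fields = line.split()
    if not fields:
        return False
    if fields[0] == "tcp":
        return len(fields) > 3 and fields[3] in HALF_OPEN_TCP
    if fields[0] == "udp":
        return "[UNREPLIED]" in fields
    return False

def incomplete_per_host(lines):
    """Count incomplete sessions keyed by the originating (first src=) address."""
    counts = Counter()
    for line in lines:
        if is_incomplete(line):
            m = SRC_RE.search(line)
            if m:
                counts[m.group(1)] += 1
    return counts

def hosts_over_limit(lines, limit):
    """Hosts whose incomplete-session count exceeds the per-host limit (assumed '>')."""
    return sorted(h for h, n in incomplete_per_host(lines).items() if n > limit)

def build_sample():
    """Constructed table: one browser host with 14 pending SYNs, plus quieter traffic."""
    rows = []
    for i in range(14):  # a browser opening many parallel connections
        rows.append(f"tcp 6 118 SYN_SENT src=192.168.1.10 dst=198.51.100.{i+1} "
                    f"sport={50000+i} dport=80 [UNREPLIED] src=198.51.100.{i+1} "
                    f"dst=192.168.1.10 sport=80 dport={50000+i} use=1")
    rows.append("tcp 6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 "
                "sport=50100 dport=443 src=203.0.113.5 dst=192.168.1.10 "
                "sport=443 dport=50100 [ASSURED] use=1")
    rows.append("udp 17 28 src=192.168.1.20 dst=203.0.113.53 sport=40000 dport=53 "
                "[UNREPLIED] src=203.0.113.53 dst=192.168.1.20 sport=53 dport=40000 use=1")
    return rows

if __name__ == "__main__":
    sample = build_sample()
    print(dict(incomplete_per_host(sample)))
    for limit in (10, 50):
        print(limit, hosts_over_limit(sample, limit))
```

Run against a real table dump taken while browsing normally, the per-host counts show how much headroom a given limit leaves for legitimate traffic.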
