TCP, UDP, NAT, PAT and Port Redirection as the PIX sees it
Sunday, December 03, 2006
In part four I will cover how the PIX handles the TCP and UDP protocols, how static and dynamic translations work, how the TCP interception features work, and how to configure dynamic NATs and static NATs across one interface and multiple interfaces.
Almost the entire world uses Internet Protocol (IP) to communicate between computers, networks and so on. An IP connection between two devices is known as a session. A session predominantly uses one of two protocols: TCP or UDP.
From the PIX's point of view, TCP is very easy to inspect: a TCP ‘packet’ follows a very strict and well-defined set of rules, has a very obvious start point and end point, and makes it very clear what protocol the payload consists of.
UDP, on the other hand, is a very difficult protocol for the PIX to inspect, as it has no clear beginning, flow state, payload information or end.
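To make the contrast between the two protocols concrete, here is a simplified session-table model, added as an illustration; it is not PIX code and not part of the original article. The state names, the 120-second UDP idle timeout and the sample addresses used with it are assumptions chosen for the model.

```python
from dataclasses import dataclass

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10   # TCP header flag bits
UDP_IDLE_TIMEOUT = 120.0                      # seconds; assumed value for this model

@dataclass
class Session:
    state: str
    last_seen: float

class SessionTable:
    """Toy model: TCP entries follow the flags, UDP entries only have a timer."""

    def __init__(self):
        self.sessions = {}

    def handle(self, now, proto, a, b, flags=0):
        """Process one packet between endpoints a and b; return state or 'DROP'."""
        key = (proto,) + tuple(sorted((a, b)))   # one entry for both directions
        # UDP never signals its end, so idle entries can only be aged out.
        for k in [k for k, s in self.sessions.items()
                  if k[0] == "udp" and now - s.last_seen > UDP_IDLE_TIMEOUT]:
            del self.sessions[k]
        sess = self.sessions.get(key)
        if proto == "udp":
            # No handshake: the first datagram is the only "start" there is.
            if sess is None:
                sess = self.sessions[key] = Session("ACTIVE", now)
            sess.last_seen = now
            return sess.state
        if sess is None:
            # TCP has an obvious start point: a SYN without ACK.
            if flags & SYN and not flags & ACK:
                self.sessions[key] = Session("SYN_SEEN", now)
                return "SYN_SEEN"
            return "DROP"                        # mid-stream packet, no session
        sess.last_seen = now
        if flags & RST:
            del self.sessions[key]               # obvious end point: reset
            return "CLOSED"
        if flags & FIN:
            if sess.state == "FIN_SEEN":         # second FIN (simplified close)
                del self.sessions[key]
                return "CLOSED"
            sess.state = "FIN_SEEN"
        elif sess.state == "SYN_SEEN" and flags & ACK and not flags & SYN:
            sess.state = "ESTABLISHED"           # handshake completed
        return sess.state
```

The TCP branch can reject a packet that arrives without a preceding SYN and can delete the entry the moment the connection closes; the UDP branch has to accept the first datagram as-is and keep the entry until the timer runs out.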
*The definition of Outbound and Inbound traffic differs from the normal definition as far as the PIX is concerned. When dealing with a PIX, Inbound traffic is deemed to be traffic coming from a less secure interface to a more secure one (from an interface with a lower security level to one with a higher level), and Outbound traffic is deemed to be traffic flowing from a more trusted interface to a less trusted one. Usually this will be INSIDE to OUTSIDE, but this may not always be the case.*
posted by Security News Media @ 12:44 PM