cdysthe
December 5th, 2004, 12:06 AM
Hi,
From what I have understood (I am not an expert at all) stateful packet inspection is the way to go for maximum security. However, it doesn't work for P2P and some other stuff. I may be way off here, but why couldn't stateful packet inspection be a setting in filter rules or even for a given application? Is it either "on" or "off" for this kind of filtering, or could you potentially have a rule that opens for BitTorrent on port 6660-6600 and have stateful packet inspection turned off for this port range in the rule? Or could you have a setting for applications that turns off stateful packet inspection for the application in question?
I may be missing something that is obvious to the ones knowing a lot about firewalls and filtering. But I do not really understand why stateful packet inspection is a global setting.