08-04-2005 05:01 AM - edited 03-09-2019 12:02 PM
I've just experienced an X11 communication where the xdm direct advertisement went through, but the resulting X11 communication was dropped by a PIX 515 6.3(4). I noticed that the dropped packet had source port 0; otherwise it looked fine.
As a note: direct X11 packets with EXPORT DISPLAY work fine.
Q: Is there a way to change this PIX-OS behavior of dropping strange-looking packets?
08-09-2005 09:36 AM
The issue is that the PIX follows the convention that port 0 means all ports. Therefore, if the PIX accepts a packet with source port 0, then all ports of the sending host are considered to be open.
Which I guess is a security loophole.
08-09-2005 10:59 PM
Nope:
- The message comes from the log.
- It is a source port.
- There's no rule like that in the access list.
The only reasonable explanation is that there's a general protocol analysis and it doesn't like source port 0.
But the question is: can it be changed?