#Session

Рет қаралды 9,606

Sianets

Күн бұрын

Пікірлер

@rajendradhangar1655 2 жыл бұрын

Nicely explain as usual... thank you so much 😊

@hemu-sir 2 жыл бұрын

Glad you liked it

@gapalrawat8101 3 жыл бұрын

Great explain boss

@akashrelekar5065 4 ай бұрын

thanks Sir, helped Alot

@hemu-sir 4 ай бұрын

Welcome

@vivekprajapati7911 3 жыл бұрын

Sir ab maja ayaa edu 300 wali batee...

@bluediamond6789 2 ай бұрын

Thanks a lot, it is very useful...

@hemu-sir 2 ай бұрын

You are welcome

@mantuyadav5499 3 жыл бұрын

When i see arp there is also incompetent communication showing. It is also because of 3 way handshake not completed ?

@vivekprajapati7911 3 жыл бұрын

thanks..

@srinu1230 2 жыл бұрын

Hi Bro, Thanks for for your efforts and sharing knowledge with others. I have a doubt regarding Application "Incomplete" log, As you have stated if the TCP 3-way Handshake is not happening properly then we will see Application as Incomplete in monitor logs. When this happens FW shouldn't allow the packet ri8, it should drop the packet as TCP 3-way Handshake is not established But why the Action is allowed in logs? So if TCP 3-way handshake doesn't happen properly then FW will still allow the traffic?

@hemu-sir 2 жыл бұрын

If TCP 3 way handshake will not complete in that case firewall aged out that session. And action is allowed because it is not check application based rule. It is only checking rules on the basis of l3 and l4 information.

@srinu1230 2 жыл бұрын

@@hemu-sir Thanks for your prompt response... i understood in PA packet flow first FW will assume the Application as ANY in slow path and just check L3 and L4 information and check whether Rule is in place or not for that Source and destination Ip on that port (Kind of Traditional FW) then if the rule matches to allow then it will create a session in session table and then further it will send the pack to L7 inspection. But my question here is FW shouldn't allow the traffic as TCP 3way Handshake is not happened and it should drop the packet ri8? Because communication happens once 3way handshake completes and then Actual Data transfer will happen. Please correct me if my understanding is wrong.