firewall session state question

can someone explain me the meaning of if firewall is capable of maintaining session state information.
attached a screenshot of a test i have done using hping, is my firewall capable of maintaining session state? of not capable how will the results will be?

Untitled.png
ammadeyy2020Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rich RumbleSecurity SamuraiCommented:
Session state is referring to a connection having the ability to pick up where you left off. The firewall won't know anything about a session typically, but does know about a connections state. Here is a good explanation of Session: http://en.wikipedia.org/wiki/Session_%28computer_science%29
Here is one for State(ful): http://en.wikipedia.org/wiki/Stateful_firewall
A session you can think of as you calling someone on the phone, they pick up and you both say hello. If you hang up the phone, and the other person does not right away, and you pick up your phone again you and the person you called could again talk to each other because the connection was never completely terminated.
A connection state is similar, you pick up the phone and dial a number, the person picks up- the state is connected. If you dial a number and they don't pickup or someone calls you and you don't pick up there is no state. Most firewalls allow call from inside to the outside, when the server your "calling" pick up, you have a stateful connection. If a server "calls" your firewall it probably won't "pick up" so the connection is denied. If your firewall has an open port like http, then a connection will probably be made.
-rich
0
AbhisekSanyalCommented:
Hi,
  Testing if your firewall maintains the state or not requires access to the firewall. The test can be
- Add a Firewall rule which allows you to say access a web service.
- Apply the Firewall settings.
- Start downloading a file (large file) from the web service.
- Once, the download has started, access the Firewall again and delete the rule that you had added earlier
- Apply the Firewall settings
- The older download process should still continue, but if you try to download the file again, it will get blocked.

The older download process continues because the state of the previous connection is allowed by the Firewall.
Try using curl or wget to do the download on your system. It isn't a neat way of establishing that the Firewall supports state.
Hope that helps.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.