firewall session state question

Posted on 2010-03-29
Last Modified: 2013-11-29
Can someone explain to me what it means if a firewall is capable of maintaining session state information?
Attached is a screenshot of a test I have done using hping. Is my firewall capable of maintaining session state? If it is not capable, what will the results be?

Question by:ammadeyy2020

Expert Comment

by:Rich Rumble
ID: 28988092
Session state is referring to a connection having the ability to pick up where you left off. The firewall won't know anything about a session typically, but does know about a connection's state. Here is a good explanation of Session: http://en.wikipedia.org/wiki/Session_%28computer_science%29
Here is one for State(ful): http://en.wikipedia.org/wiki/Stateful_firewall
A session you can think of as you calling someone on the phone, they pick up and you both say hello. If you hang up the phone, and the other person does not right away, and you pick up your phone again you and the person you called could again talk to each other because the connection was never completely terminated.
A connection state is similar: you pick up the phone and dial a number, the person picks up, and the state is connected. If you dial a number and they don't pick up, or someone calls you and you don't pick up, there is no state. Most firewalls allow calls from inside to the outside; when the server you're "calling" picks up, you have a stateful connection. If a server "calls" your firewall it probably won't "pick up", so the connection is denied. If your firewall has an open port like http, then a connection will probably be made.

Accepted Solution

AbhisekSanyal earned 2000 total points
ID: 29075445
Testing if your firewall maintains the state or not requires access to the firewall. The test can be:
- Add a Firewall rule which allows you to, say, access a web service.
- Apply the Firewall settings.
- Start downloading a file (large file) from the web service.
- Once the download has started, access the Firewall again and delete the rule that you had added earlier.
- Apply the Firewall settings.
- The older download process should still continue, but if you try to download the file again, it will get blocked.

The older download process continues because the state of the previous connection is allowed by the Firewall.
Try using curl or wget to do the download on your system. It isn't a neat way of establishing that the Firewall supports state.
Hope that helps.
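Added example, not part of the original answer: a simplified Python model of the test procedure above, replayed against a stateful and a stateless packet filter to show how the two results differ. The `Firewall` class, `run_procedure`, and all addresses and ports are constructed for illustration and do not describe any particular product.

```python
# Toy model (added example): only inside-to-outside packets are modelled.
from dataclasses import dataclass, field

@dataclass
class Firewall:
    stateful: bool
    rules: set = field(default_factory=set)   # allowed (dst, dport) pairs
    conns: set = field(default_factory=set)   # tracked flows (stateful only)

    def allow(self, dst, dport):
        self.rules.add((dst, dport))

    def delete(self, dst, dport):
        self.rules.discard((dst, dport))

    def outbound(self, src, sport, dst, dport, syn=False):
        """Return True if the packet is forwarded."""
        flow = (src, sport, dst, dport)
        if self.stateful and flow in self.conns:
            return True                # established flow: rule set is not re-checked
        if (dst, dport) not in self.rules:
            return False               # no matching rule and no tracked state: drop
        if self.stateful and syn:
            self.conns.add(flow)       # new connection admitted by a rule: remember it
        return True

def run_procedure(fw):
    """Replay the answer's steps.

    Returns (old_download_continues, new_download_allowed).
    """
    web = ("203.0.113.10", 80)         # constructed web service address
    client = "10.0.0.5"                # constructed inside host
    fw.allow(*web)                     # add the rule and apply it
    started = fw.outbound(client, 40000, *web, syn=True)   # start the large download
    if not started:
        raise RuntimeError("download should start while the rule exists")
    fw.delete(*web)                    # delete the rule and apply again
    old = fw.outbound(client, 40000, *web)                 # next packet of running download
    new = fw.outbound(client, 40001, *web, syn=True)       # second download attempt
    return old, new

if __name__ == "__main__":
    print("stateful :", run_procedure(Firewall(stateful=True)))
    print("stateless:", run_procedure(Firewall(stateful=False)))
```

In this model the stateful filter keeps the running download alive and blocks the new one, while the stateless filter drops both once the rule is gone.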


Question has a verified solution.
