[ale] Idle Sockets vs. Firewall question
Greg Freemyer
greg.freemyer at gmail.com
Fri Oct 20 11:31:49 EDT 2006
I was afraid of that. Thanks for the info.
Greg
On 10/20/06, Allan Neal <allanneal at comcast.net> wrote:
>
> Greg,
>
> Checkpoint does! Checkpoint defaults to 15 minutes idle. This means
> that it will keep the socket in its state table until a 15 minute
> idle timer times out, i.e. no packets at all. Each packet to cross
> that socket resets the timer. Once the timer expires Checkpoint drops
> it from its state table but does not close the socket on either side
> of the connection. Thus if the app tries to send another packet
> of the closed/forgotten socket the firewall drops the packet as an
> "unestablished connection".
>
> Allan
>
> On Fri, Oct 20, 2006 at 10:46:35AM -0400, Greg Freemyer wrote:
> > All,
> >
> > I'm wondering if it is common for firewalls to close idle sockets
> > after a period of time?
> >
> > === Details
> > I have a Java application that has been in service for years (since
> > 1999 IIRC), but on a private satellite based data network (vsat).
> >
> > We're in the process of moving it to the Internet (which means random
> > firewalls at our client locations), and now we're getting complaints
> > about non-delivered messages/notifications.
> >
> > The way we handle notification is to have the client open a socket to
> > the server and just leave it open (and idle) for hours at a time. Then
> > when a message needs to be delivered the server simply sends it down
> > the existing socket.
> >
> > Since this is basically the same code that has been in use for a while
> > I doubt that it is a basic client/server issue. Seems much more likely
> > it is the network between the 2 which now is a much less controlled
> > environment than it was with dedicated satellite gear.
> >
> > Any other ideas are welcome.
> >
> > Thanks
> > Greg
> > --
> > Greg Freemyer
> > The Norcross Group
> > Forensics for the 21st Century
>
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
>
--
Greg Freemyer
The Norcross Group
Forensics for the 21st Century
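
The idle-timer behaviour described in the thread, as an added example that is not code from either poster or from Checkpoint: a toy state table that forgets a flow after 15 idle minutes without telling either endpoint, then drops the server's later push. The addresses, the function names and the keepalive_every heartbeat (a common mitigation not discussed in the thread) are assumptions made for illustration.

```python
from dataclasses import dataclass, field

IDLE_TIMEOUT = 15 * 60  # seconds; the default quoted in the thread
DROP = "drop: unestablished connection"


@dataclass
class StateTable:
    """Toy model of a stateful firewall's connection table (constructed)."""
    idle_timeout: int = IDLE_TIMEOUT
    last_seen: dict = field(default_factory=dict)  # flow tuple -> time of last packet

    def open(self, flow, now):
        # The client's initial connect creates the state entry.
        self.last_seen[flow] = now

    def packet(self, flow, now):
        """Decide the fate of a mid-stream packet seen at time `now` (seconds)."""
        seen = self.last_seen.get(flow)
        if seen is None or now - seen >= self.idle_timeout:
            # Entry expired: the firewall forgot the flow, but neither
            # endpoint was notified, so both still believe it is open.
            self.last_seen.pop(flow, None)
            return DROP
        self.last_seen[flow] = now  # every packet resets the idle timer
        return "pass"


def deliver_notification(idle_seconds, keepalive_every=None, timeout=IDLE_TIMEOUT):
    """Client connects at t=0; the server pushes a message after idle_seconds.

    keepalive_every is a hypothetical heartbeat interval in seconds
    (None models the fully idle socket from the original question).
    """
    fw = StateTable(idle_timeout=timeout)
    flow = ("198.51.100.10", 40000, "203.0.113.5", 9000)  # constructed addresses
    fw.open(flow, now=0)
    if keepalive_every:
        for t in range(keepalive_every, idle_seconds, keepalive_every):
            fw.packet(flow, now=t)  # heartbeat crossing the firewall
    return fw.packet(flow, now=idle_seconds)


if __name__ == "__main__":
    print("3 h idle, no heartbeat:     ", deliver_notification(3 * 3600))
    print("3 h idle, 10 min heartbeat: ", deliver_notification(3 * 3600, 600))
    print("3 h idle, 30 min heartbeat: ", deliver_notification(3 * 3600, 1800))
```

A heartbeat only helps when its interval is shorter than the shortest idle timeout on the path; the 30 minute case is dropped just like the fully idle socket.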