
How do the TCP/IP Stack and a Packet Filter work together?

Author
2 Mar 2007 6:28 AM
void.no.spam.com@gmail.com
I've got the CHX-I Packet Filter installed on my Windows 2000
machine.  One of the things that it lets you configure is enabling SYN
flood protection when a certain number of half-open connections is
reached.

I've also noticed that the Windows TCP/IP stack can protect against
SYN floods (see http://support.microsoft.com/kb/315669), and I'm
wondering how things will work if there are 2 different things on my
system that protect against SYN attacks (the TCP/IP stack and the
CHX-I packet filter).

I've discovered that CHX-I uses an NDIS intermediate driver, although
I don't exactly know what that means.

So what happens with incoming packets?  Will CHX-I intercept all of
them without letting the TCP/IP stack handle them at all?  Or will the
TCP/IP stack process them first, before handing them off to CHX-I?

Author
3 Mar 2007 10:39 AM
Andrei Ungureanu [MVP]
If the CHX-I Packet Filter is working at NDIS level, then it will intercept
everything before the TCP/IP stack.

--
Regards,
Andrei Ungureanu
www.eventid.net
Test our new EventReader!
http://www.altairtech.ca/eventreader/default2.asp?ref=au

<void.no.spam.com@gmail.com> wrote in message
news:1172816929.617055.248740@j27g2000cwj.googlegroups.com...
> I've got the CHX-I Packet Filter installed on my Windows 2000
> machine.  One of the things that it lets you configure is enabling SYN
> flood protection when a certain number of half-open connections is
> reached.
>
> I've also noticed that the Windows TCP/IP stack can protect against
> SYN floods (see http://support.microsoft.com/kb/315669), and I'm
> wondering how things will work if there are 2 different things on my
> system that protect against SYN attacks (the TCP/IP stack and the
> CHX-I packet filter).
>
> I've discovered that CHX-I uses an NDIS intermediate driver, although
> I don't exactly know what that means.
>
> So what happens with incoming packets?  Will CHX-I intercept all of
> them without letting the TCP/IP stack handle them at all?  Or will the
> TCP/IP stack process them first, before handing them off to CHX-I?
>
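
A simplified model of the ordering described in the answer above, added here as an illustration (it is not CHX-I or Windows code, and not part of the original thread). The `Layer` class, the thresholds and what each layer does once its threshold is reached (the filter drops new SYNs, the stack only flags that its protection engaged) are assumptions made for the model; the sample addresses are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class Layer:
    name: str
    threshold: int            # half-open count at which protection engages
    drops_when_engaged: bool  # assumption: filter drops, stack only flags
    half_open: set = field(default_factory=set)
    engaged: bool = False
    dropped: int = 0

    def on_syn(self, conn):
        """Handle one SYN; return True if it continues to the next layer."""
        if len(self.half_open) >= self.threshold:
            self.engaged = True
            if self.drops_when_engaged:
                self.dropped += 1
                return False
        self.half_open.add(conn)
        return True


def run(filter_threshold, stack_threshold, syn_count):
    """Feed syn_count never-completed SYNs through the filter, then the stack."""
    nic_filter = Layer("packet filter (below the stack)", filter_threshold, True)
    stack = Layer("TCP/IP stack", stack_threshold, False)
    for i in range(syn_count):
        conn = (f"198.51.100.{i % 250 + 1}", 1024 + i)  # constructed sample
        if nic_filter.on_syn(conn):   # the filter sees every packet first
            stack.on_syn(conn)        # the stack sees only what was passed up
    return nic_filter, stack


if __name__ == "__main__":
    for f_thr, s_thr in ((100, 500), (500, 100)):
        flt, stk = run(f_thr, s_thr, 1000)
        print(f"filter threshold {f_thr}, stack threshold {s_thr}:")
        for layer in (flt, stk):
            print(f"  {layer.name}: half-open={len(layer.half_open)}, "
                  f"engaged={layer.engaged}, dropped={layer.dropped}")
```

In this model, when the filter's threshold is the lower of the two, the stack never sees enough half-open connections to reach its own threshold; when the stack's threshold is lower, both engage.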