Support Center > Search Results > SecureKnowledge Details
Predictable TCP sequences generated by Security Gateway in R80.20 / R80.30 Technical Level
Symptoms
  • Predictable TCP sequences are generated by the Security Gateway.
Cause

Since R80.20, predictable TCP sequences are generated (in some cases) by the Security Gateway as a result of a functionality bug.

This might happen when using the following blades/protections (for example):

  • HTTPS Inspection for HTTPS connections
  • ‘Header spoofing’ IPS protection
  • User web portals on Security Gateway

Since in most of the cases these types of connections are encrypted, an attacker could use it only to create spoof reset, not session hijack.

If successful, it could cause disconnections of specific connection.


Solution

This problem was fixed. The fix is included in:

Check Point recommends to always upgrade to the most recent version.


This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment