Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Hide NAT question

To: [email protected]
Subject: RE: [FW1] Hide NAT question
From: Amin Tora <[email protected]>
Date: Sat, 30 Dec 2000 21:32:22 -0500
Sender: [email protected]


Good point Andrew.... try to use another IP address if possible (and just
have the FW arp for that IP via $FWDIR/state/local.arp (on NT) or  via arp
cmd (on SUN)...

If you use your fw's external IP, you will have some packets/connections
initiated back to the fw, cluttering your logs, and depending on the number
of these attemps, may make it harder to distinguish between valid requests
and actual attacks/survailance techniques...

  :)


-----Original Message-----
From: Andrew Bagrin [mailto:[email protected]]
Sent: Friday, December 29, 2000 10:12 AM
To: Rodney Lacroix; [email protected]
Subject: Re: [FW1] Hide NAT question



You can use any IP address. I wouldn't use the firewalls external interface.
If no one knows the IP address of your firewall then you've got a better
chance of it not being attacked.
Andrew Bagrin
Secure-1www.secure-1.com
----- Original Message -----
From: Rodney Lacroix <[email protected]>
To: <[email protected]>
Sent: Friday, December 29, 2000 7:34 AM
Subject: [FW1] Hide NAT question


>
> When hiding an internal network, is there a standard for the IP address
you should hide the network behind?  I assume that you hide it behind the
firewall's external IP address.  However, does that lead to unwanted traffic
direct to the firewall from the Internet?
>
> Thanks in advance.
>
> Rodney Lacroix
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Way to get # of SecuRemote users currently online?
Next by Date: RE: [FW1] management console upgrade (Very Urgent)
Previous by thread: RE: [FW1] Hide NAT question
Next by thread: RE: [FW1] STOP error on Win2k SR SP2 and Linksys Wireless LAN car d
Index(es):
- Date
- Thread