[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Firewall names
Ideally, it would be nice to not have it in DNS. But, in reality I don't think it is going to matter much: 1) Do they allow traceroute in-bound? If they allow traceroute, it will probably be easy to identify the firewall as the hop past their gateway router - UUNet, Sprint, etc usually put customer access routers in DNS as XXXXX-gw. So it is (usually) the next hop after that. 2) Is your client going to have SecuRemote connections to the firewall? If so, port 264/tcp and/or 256/tcp will be open -- easy enough to identify it is a Checkpoint firewall. 3) If they are using Security Servers, they have known default text. ... I'm sure there are more ways. And that is just external. -iden_fw Get your FREE download of MSN Explorer at http://explorer.msn.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|