
Re: [FW1] Firewall names



Ideally, it would be nice to not have it in DNS.  But, in reality I don't think it is going to matter much:

1) Do they allow traceroute in-bound?  If they allow traceroute, it will probably be easy to identify the firewall as the hop past their gateway router - UUNet, Sprint, etc. usually put customer access routers in DNS as XXXXX-gw.  So it is (usually) the next hop after that.

2) Is your client going to have SecuRemote connections to the firewall?  If so, port 264/tcp and/or 256/tcp will be open -- easy enough to identify it is a Checkpoint firewall.

3) If they are using Security Servers, they have known default text.

... I'm sure there are more ways.  And that is just external.

-iden_fw

>From: "Bob Webber/Markham/Contr/AT&T/IJV"
>To: "Brian Mulford"
>CC: [email protected]
>Subject: Re: [FW1] Firewall names
>Date: Wed, 28 Feb 2001 14:28:09 -0500
>
>
>
>Hello Brian:
>
>Well, it all depends. If it is just the hostname, it is probably no big
>deal. If it is associated with an IP address that is advertised to the
>world via DNS, then it would be just asking for trouble. There is no reason
>to draw attention to your firewalls. IMHO a firewall should be a black hole
>to the outside world. If your customer wants to associate the name with an
>IP address on the secure network that is not advertised to the world, that
>would not be the end of the world, but keep in mind that most security
>incidents originate from within the organization.
>
>Regards.
>
>Bob Webber
>AT&T Global Network Services
>Tel:
>Fax:
>Notes: Bob Webber/Markham/IBM@IBMCA
>Internet: [email protected]
>
>"Logic merely enables one to be wrong with authority" - Doctor Who
>
>
>"Brian Mulford" @lists.us.checkpoint.com on
>02/28/2001 01:14:14 PM
>
>Please respond to "Brian Mulford"
>
>Sent by: [email protected]
>
>
>To: "Check Point FW List (E-mail)"
>
>cc:
>Subject: [FW1] Firewall names
>
>
>
>
>Everyone,
>
>I have a client that insists on naming firewalls FW1 and FW2 or
>Firewall1 and Firewall2 (NT machines). I advised that it's not good
>practice to name firewalls anything that could indicate to the outside
>world that this is indeed a firewall. Am I off the wall thinking that?
>
>Brian
>
>
>================================================================================
>
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>================================================================================


   All contents © 2004 Network Presence, LLC. All rights reserved.