
[FW-1] Anti-Spoofing



After reading about anti-spoofing setup on the firewall object, I still have
questions for setup with multiple networks on the inside interface.

Let's say that the inside interface ie0 (192.168.1.0/24) can also reach
multiple interconnected private networks (192.168.2.0/24, 10.10.10.0/24 and
172.168.2.0/24).

The anti-Spoofing on this interface should be of type Specific with a group
(Antispoof-ie0) of all 4 network segments.

The anti-Spoofing on the ie1 (DMZ) interface 207.236.100.0/24 would be of
type ThisNet.

What should be the anti-spoofing rule on the ie2 interface, the one on the
internet side?

Should the anti-spoofing be of type Others+ AntispoofA-ie2 meaning anything
but this network AND some specific addresses like the hide NAT address
included in the antispoof-ie2 group?

What happens if a spoof packet with a source address of 10.10.10.1 shows up on
the ie2 interface?  Since this address is not directly connected to the ie0
interface, does FW1 know that it should drop it as a spoof packet?



Daniel Bourque
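
An added sketch, not part of the original post and not Check Point code, that models the three interfaces described above to show how the ie2 question resolves. It assumes "Others" accepts any source not listed as valid on another interface and "Others +" adds a group on top; only inbound source checks are modelled, and the hide NAT address 203.0.113.10 is a constructed placeholder.

```python
import ipaddress

def nets(*cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]

# Interface names and networks are taken from the post.
# The ie2 group content (hide NAT address) is a constructed placeholder.
INTERFACES = {
    "ie0": {"mode": "specific",
            "valid": nets("192.168.1.0/24", "192.168.2.0/24",
                          "10.10.10.0/24", "172.168.2.0/24")},
    "ie1": {"mode": "thisnet", "valid": nets("207.236.100.0/24")},
    "ie2": {"mode": "others+", "valid": nets("203.0.113.10/32")},
}

def valid_on(iface, src):
    """Return True if a packet with source `src` passes anti-spoofing
    when it arrives on `iface`, under the assumed semantics."""
    addr = ipaddress.ip_address(src)
    cfg = INTERFACES[iface]
    in_own = any(addr in n for n in cfg["valid"])
    if cfg["mode"] in ("specific", "thisnet"):
        # Only the listed networks are legitimate sources here.
        return in_own
    # others / others+: reject anything another interface claims as valid,
    # accept the rest, plus whatever is in this interface's own group.
    claimed_elsewhere = any(
        addr in n
        for name, other in INTERFACES.items() if name != iface
        for n in other["valid"]
    )
    return in_own or not claimed_elsewhere

if __name__ == "__main__":
    # Constructed test packets: (arrival interface, source address)
    samples = [
        ("ie2", "10.10.10.1"),    # routed inside net, listed in the ie0 group
        ("ie0", "10.10.10.1"),    # same source on the correct interface
        ("ie2", "198.51.100.7"),  # ordinary Internet source
        ("ie2", "10.20.30.1"),    # inside net missing from the ie0 group
        ("ie0", "10.20.30.1"),
    ]
    for iface, src in samples:
        verdict = "accept" if valid_on(iface, src) else "drop (spoof)"
        print(f"{src:>15} on {iface}: {verdict}")
```

Under this model the decision depends on membership in the ie0 group, not on whether the network is directly attached to ie0. An inside network left out of that group is dropped on ie0 and accepted on ie2.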

   All contents © 2004 Network Presence, LLC. All rights reserved.