Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] How do you hide/stealth your firewall...ideas?

To: [email protected]
Subject: Re: [FW-1] How do you hide/stealth your firewall...ideas?
From: Patrick Lotti <[email protected]>
Date: Fri, 2 Nov 2001 09:12:53 +0100
Organization: ISION Internet AG
References: <000b01c162eb$a000d410$56088118@inspiron>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

> 3) It would be nice if Firewall-1 could pass ICMP traffic without
> decrementing the TTL,
Regarding your first post, about rewriting inspect for ICMP:
"Desinformation" -  if you just "correct" the TTL for ICMP?
It's easy to try tcp with the same TTL (fails) and TTL+1 (works).

> Using the spare router idea, you don't even have to mess with TTL
> mechanisms and you get the benefit of some disinformation (which is
> always good.)
It's better to close external access to all routers, so they'll look
like a firewall. Or let your firewall look like a router.

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- Re: [FW-1] How do you hide/stealth your firewall...ideas?
  - From: "Carl E. Mankinen" <[email protected]>

Prev by Date: [FW-1] problem with FW1_LOG protocol from one of my interfaces
Next by Date: [FW-1] I'm not in the office until 29th of Novembre
Previous by thread: Re: [FW-1] How do you hide/stealth your firewall...ideas?
Next by thread: Re: [FW-1] How do you hide/stealth your firewall...ideas?
Index(es):
- Date
- Thread