Hello,

We've had a Watchguard (original) for some time now, and don't see the problem you describe... perhaps it could be a configuration issue?

Does it happen at other ports as well, or just DNS? And do you have the 'outgoing' icon enabled? (If so, it could be what's causing the problem - try just allowing specific traffic, and exclude the firewall from the lists of allowed hosts.)

FWIW, the Firebox (original, and probably II as well) is a low-end PC running Linux 2.0.3x... (we built a backup for ours out of an old P100 and 3com NICs :) ... applying Linux know-how to the Firebox might save you some headaches.

TTUL
-Karl

ps. I agree that talking directly to Seattle Labs doesn't help much at first; try going through your dealer - SL is much more responsive to dealer inquiries than from end-users (it's the way they're structured... configuration problems are handled by the dealers, technical issues are handled by SL... since at first glance yours appears to be a configuration issue, they might have ignored it until it goes through proper channels).

Who Wants To Live Forever ... wrote:
>
> When we were testing a FireBox II (WatchGuard.. the red one box)
> from internet it filtered any attack, but when we probe it from internal
> network (masquerade), it doesn't filter udp attack, actually with "pepsi"
> flood spoofed as localhost at dns port, it goes down, and stays disarmed.
> We don't know if machines at the "optional" interface stay completely
> vulnerable .. but it could be, we inform at WatchGuard.com .. but they
> don't answer.
>
> Matias Ruiz
> Patricio Laf.
> www.miticos.cl
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:21:48 PDT