>This issue can be fixed by simply implementing a stealthing rule on the >firewall itself. The problem is in NT's stack, not the FireWalls. > > Jamie Thain wrote: > > > Timothy, > > > > > I was running nmap against a client's Checkpoint FW-1 > > > when they called to inform me that it had crashed. I > > > was not on site so unfortunately I have little > > > details. > > > > I have seen this befor where a high speed port scanner running against a > > FW-1 on NT seems to crash it. FW-1 does not exhibit this behaviour on > > Sun. You may want to check and make sure you have the most recent patch > > level. That information is on the FW-1 site. > > > > > I DO know that they were running it on a NT > > > box and it was behind a Cisco 3640. I have done a bit of testing using nmap against NT 4.0 with SP4. My findings were that plain NT 4.0 SP4 doesn't crash/behave erratically by itself with the many instances of nmap options that I tried. Certainly not a simple SYN scan with OS fingerprinting. What exactly is the problem in NT's stack and how exactly can you measure it's adverse reaction? I was looking under task manager at the nonpaged kernel memory, process, thread, and handle counts. ----------------------------------------- Matt Hargett http://www.cityscape.net/~hargett mattat_private sex on the TV, everybody's at it and the mind gets dirty as you get closer to thirty
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:36:43 PDT