>The first 25 packets were lost before the interface's initialization. The
>packets with sequence number greater than 34 are dropped from the firewall.
>What about the packets with sequence number 25-34? Is it possible that
>someone can use this time (after the interface's initialization and before
>the firewall's initialization) to do something bad?

Absolutely. There is a period of time while the FW is booting when the OS is up, but the FW software is not. FW-1 makes no attempt to hook the IP stack in such a way to prevent this. You MUST secure the underlying OS ON YOUR OWN. FW-1 does NOT "harden" the OS..

As for pings being dropped.. it's not unusual for some OSes (IOS included) to respond to pings, and then not, and then respond again during a boot. The second time not responding may be when the FW software kicked in, depending on the rules set.

Ryan
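To measure the window discussed in this thread on your own gateway, the following added example (not part of the original post) groups the answered probes of a continuous ping across a reboot into contiguous reply windows. It assumes Linux-style ping output containing `icmp_seq=N`, sequence numbers starting at 1, and one probe per second; the sample log, the address 192.0.2.1 and the probe count of 60 are constructed.

```python
import re

# Constructed sample: replies seen during a continuous ping (1 probe/second)
# against a rebooting gateway. Only icmp_seq 25..34 were answered, as in the
# thread. 192.0.2.1 is a documentation address.
SAMPLE_PING_LOG = "\n".join(
    f"64 bytes from 192.0.2.1: icmp_seq={seq} ttl=255 time=0.4 ms"
    for seq in range(25, 35)
)

SEQ_RE = re.compile(r"icmp_seq=(\d+)")


def answered_sequences(ping_output):
    """Return the sorted, de-duplicated sequence numbers that got a reply."""
    return sorted({int(m.group(1)) for m in SEQ_RE.finditer(ping_output)})


def reply_windows(answered):
    """Group answered sequence numbers into contiguous (first, last) runs."""
    windows = []
    for seq in answered:
        if windows and seq == windows[-1][1] + 1:
            windows[-1] = (windows[-1][0], seq)  # extend the current run
        else:
            windows.append((seq, seq))           # start a new run
    return windows


def exposure_report(ping_output, total_sent, interval_s=1.0):
    """Describe each period in which the host answered probes."""
    report = []
    for first, last in reply_windows(answered_sequences(ping_output)):
        report.append({
            "first_seq": first,
            "last_seq": last,
            "seconds": (last - first + 1) * interval_s,
            # The window ended before probing stopped, so something closed it
            # (assumed here to be the firewall policy loading).
            "closed": last < total_sent,
        })
    return report


if __name__ == "__main__":
    for window in exposure_report(SAMPLE_PING_LOG, total_sent=60):
        print(window)
```

More than one window in the report matches the respond, stop, respond-again pattern mentioned in the reply, and each window is a period to cover with OS-level hardening.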
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:40:54 PDT