> From: James Wilson [mailto:netsurfat_private] > Sent: Tuesday, January 18, 2000 10:16 AM > We have a FW-1 box set up at the perimeter with a rule that blocks any > any from outside, but when I run a scan using WinSockPingProPack it > appears to see individual addresses behind the firewall. It does not > see any information on them such as ports open etc. but it does list > the IP as there. Is there a special rule needed to make those > invisible, or is private addressing the only way to block this (since > they don't route from outside)? > James D. Wilson, CCDA, MCP FW-1 has "accept ICMP" enabled by default in its policy properties--you need to disable it. The reference on policy properties from Chris Brenton's posting yesterday is great: >See: >http://www.geek-speak.net/fw1/fw1_properties.html > >HTH, >Chris >-- >************************************** >cbrentonat_private -----michael cannella mailto:mcannellaat_private -----Internet Security Systems, eServices -----http://www.iss.net/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:58:25 PDT