If you're trying to ping the internal addresses and you have the default policy of "Accept ICMP", then the rules are allowing ICMP through the firewall. -- Joe At 07:15 AM 1/18/00 -0800, James Wilson wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >We have a FW-1 box set up at the perimeter with a rule that blocks any >any from outside, but when I run a scan using WinSockPingProPack it >appears to see individual addresses behind the firewall. It does not >see any information on them such as ports open etc. but it does list >the IP as there. Is there a special rule needed to make those >invisible, or is private addressing the only way to block this (since >they don't route from outside)? > >- - >James D. Wilson, CCDA, MCP >"non sunt multiplicanda entia praeter necessitatem" >William of Ockham (1285-1347/49) >-----BEGIN PGP SIGNATURE----- >Version: PGP 6.0.2 >Comment: I live for the sound ... of nothing but net > >iQA/AwUBOISDqSavYwibXjmcEQLFiACffJTqn59kuFtqzFz9Ik5p1/NH0swAoKXu >urpBUQU/TfszioxUCuE9yagj >=a8jQ >-----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:58:27 PDT