Hello,

Maybe on the rule 0 (i.e. from FW-1 GUI Policy/Properties) the default accept ICMP traffic check is not removed and therefore your scanner is able to see the addresses behind the firewall. This is because rule 0 is checked before all other user defined rule definitions.

Hope this helps…

Ozgur Danisman
Network Security Specialist
Koc Net
Tel +902164541300 ext 1660
Fax +902164541361
http://www.koc.net

-----Original Message-----
From: James Wilson [mailto:netsurfat_private]
Sent: Tuesday, January 18, 2000 5:16 PM
To: firewall-wizardsat_private
Subject: Blocking scanning from outside

We have a FW-1 box set up at the perimeter with a rule that blocks any any from outside, but when I run a scan using WinSockPingProPack it appears to see individual addresses behind the firewall. It does not see any information on them such as ports open etc. but it does list the IP as there.

Is there a special rule needed to make those invisible, or is private addressing the only way to block this (since they don't route from outside)?

- James D. Wilson, CCDA, MCP

"non sunt multiplicanda entia praeter necessitatem"
William of Ockham (1285-1347/49)
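
The rule-ordering effect discussed in this thread, as an added example that is not part of the original messages and not FireWall-1's own policy format: a simplified first-match rule base with an implied rule 0, plus an audit that reports drop rules shadowed by an earlier accept. The `Rule` model, the function names and the addresses (documentation ranges) are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_network

@dataclass(frozen=True)
class Rule:
    num: int      # position in the rule base; 0 models the implied rule
    src: str      # CIDR, "0.0.0.0/0" means any
    dst: str
    proto: str    # "icmp", "tcp", "udp" or "any"
    action: str   # "accept" or "drop"

def matches(rule, src, dst, proto):
    return (ip_network(src).subnet_of(ip_network(rule.src))
            and ip_network(dst).subnet_of(ip_network(rule.dst))
            and rule.proto in ("any", proto))

def decide(rules, src, dst, proto):
    """First match wins; rules are evaluated in ascending rule number."""
    for rule in sorted(rules, key=lambda r: r.num):
        if matches(rule, src, dst, proto):
            return rule
    return None

def shadowed_drops(rules, protos=("icmp", "tcp", "udp")):
    """Return (accept_num, drop_num, proto) where an earlier accept overlaps a later drop."""
    ordered = sorted(rules, key=lambda r: r.num)
    findings = []
    for i, drop in enumerate(ordered):
        if drop.action != "drop":
            continue
        for early in ordered[:i]:
            if early.action != "accept":
                continue
            for p in protos:
                if (early.proto in ("any", p) and drop.proto in ("any", p)
                        and ip_network(early.src).overlaps(ip_network(drop.src))
                        and ip_network(early.dst).overlaps(ip_network(drop.dst))):
                    findings.append((early.num, drop.num, p))
    return findings

# Constructed policy: implied ICMP accept (rule 0) ahead of the user's "drop any" rule.
ANY = "0.0.0.0/0"
POLICY = [Rule(0, ANY, ANY, "icmp", "accept"),
          Rule(1, ANY, "192.0.2.0/24", "any", "drop")]
# Same policy with the implied ICMP accept removed.
FIXED = [r for r in POLICY if r.num != 0]

if __name__ == "__main__":
    for name, pol in (("with rule 0", POLICY), ("rule 0 removed", FIXED)):
        for proto in ("icmp", "tcp"):
            hit = decide(pol, "198.51.100.7", "192.0.2.10", proto)
            print(f"{name}: {proto} -> rule {hit.num} {hit.action}")
        print(f"{name}: shadowed drops = {shadowed_drops(pol)}")
```

With rule 0 present, ICMP reaches the inside hosts while TCP is dropped, which matches a scan that lists addresses but no open ports.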
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:58:28 PDT