> -----Original Message-----
> From: railwayclubposseat_private
> [mailto:railwayclubposseat_private]
> Sent: Tuesday, May 15, 2001 10:49 AM
>
> You get the same results if the default Checkpoint ports are closed.
> You still need to find one or two open ports, but they don't have to
> be on the firewall itself. The giveaway is in how the headers are
> rewritten for one-to-many NAT.

Uhm... I'm confused. I assume you mean ports of statically natted machines. I connect from the Internet through the FW-1 to a host behind it. That is a one-to-one NAT. What is rewritten in the headers that would identify the screening fw as a FW-1 machine? I mean IP addresses are obviously changed. What other header information (i.e. flags, options) are changed in the packet coming from the host?

I understand that I should expect a certain option set in a response packet (depending on OS and my request packet), I understand the process, I'm not questioning this. Just would like to know what is reset/changed in the TCP or UDP packet. (Let's ignore ICMP). Point me to an article or FAQ please.

Regards,
Frank
This archive was generated by hypermail 2b30 : Tue May 15 2001 - 22:02:07 PDT