Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Anti-spoofing Problem

from [Andrew Shore] Network Security [Permanent Link]
Subject: RE: Anti-spoofing Problem
Date: Mon, 13 Sep 2004 15:39:07 +0100 
In your example you have very sensibly replaced the address with x.x.


So I'm stabbing in the dark here but

If (for example) these addresses are :

10.2.0.1

And 

10.250.0.10

And you have defined your internal network as 10.0.0.0 255.0.0.0 then
checkpoint will think that return traffic from the router is being
spoofed because it sees as 10. addresses as being internal.

Hope this makes sense.

Andy

-----Original Message-----
From: NAVTEJ KOHLI [mailto:tonavtejkohli@hotmail.com] 
Sent: 10 September 2004 22:23
To: firewalls@securityfocus.com
Subject: Anti-spoofing Problem

Hello Friends,

I'm running FP3 on solaris . My Network is like this :

Internal Networks <--> Firewall <--> Router <--> Internet

Now the Problem Part:-
When I try to access router from Internal Network , it never connect,
Even 
from the firewall ..same problem. The packets drop from the firewall.
In the firewall log, I found these message :

Internal Net   Action     Service    Source    Destination   Info
eth0            drop       telnet     x .x.0.10  x.x.0.1    message_info

address
spoofing

In Topology for Eth0 on the firewall is defined as External (leads out
to
the internet), with "Perform Anti-Spoofing based on interface topology"
checked.

Thanks in advance,

NAVTEJ KOHLI

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Wierd ICMP in logs, Mark
Next by Date:  RE: PIX Setup with PAT, Andrew Shore
Previous by Thread:  Re: Anti-spoofing Problem, Rob Hughes
Next by Thread:  Wierd ICMP in logs, Mark
Indexes:  [Date] [Thread] [Top] [All Lists]