
| Subject: | Re: Support for IP redirection by CheckPoint Firewall-1 NG |
|---|---|
| Date: | Thu, 5 May 2005 05:41:57 -0700 (PDT) |

I see where my Secureplatform firewalls attempt to send icmp redirects, because the /proc/sys/net/ipv4/conf/eth0/send_redirects has a value of 1 by default. Hopefully setting this to 0 in the /etc/rc.local file will prevent this behavior and clear up the firewall logs with constant rule 0 drops of the icmp redirect attempts by the OS.

--- Markus Wernig <listener@wernig.net> wrote:

> Jarek Sluzewski wrote:
> > In other words, if the firewall receives a packet, and based on its
> > routing table determines that this packet should be sent via same
> > interface that received it, will the NG forward the packet or just
> > drop it (as PIX would).
>
> In our tests on Nokia Ipso3.8, the packet was sent back out without any problems on the same interface if there was a rule to allow it. We didn't see any icmp redirects. This kind of makes sense because the firewall engine will see the packet before the routing engine does. (And, yes, they would have been dropped anyway.)
>
> krgds /markus

Randall Paige
Cell # 404 218-0241
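
Added example, not part of the original post or of Check Point's tooling: a shell sketch for auditing and disabling ICMP redirect generation on a Linux-based gateway. It goes beyond the single eth0 value in the post, because the kernel sends redirects on an interface when either `conf/all/send_redirects` or that interface's own `send_redirects` is non-zero. The function names and the `CONF_ROOT` override are assumptions made for this example.

```shell
#!/bin/sh
# Added example. CONF_ROOT can be pointed at a constructed directory tree
# for testing; by default it is the live sysctl tree named in the post.
CONF_ROOT="${CONF_ROOT:-/proc/sys/net/ipv4/conf}"

# Print 1 if the kernel would send ICMP redirects on interface $1, else 0.
# The effective setting is the OR of conf/all and conf/<iface>.
effective_send_redirects() {
    iface_val=$(cat "$CONF_ROOT/$1/send_redirects" 2>/dev/null || echo 0)
    all_val=$(cat "$CONF_ROOT/all/send_redirects" 2>/dev/null || echo 0)
    if [ "$iface_val" != 0 ] || [ "$all_val" != 0 ]; then
        echo 1
    else
        echo 0
    fi
}

# List every real interface on which redirects are still effectively enabled.
redirecting_ifaces() {
    for dir in "$CONF_ROOT"/*/; do
        name=$(basename "$dir")
        case "$name" in all|default) continue ;; esac
        if [ "$(effective_send_redirects "$name")" = 1 ]; then
            echo "$name"
        fi
    done
    return 0
}

# Write 0 to all, default and every interface. "default" is included so
# interfaces created later (VLANs, tunnels) start with redirects off.
disable_send_redirects() {
    for f in "$CONF_ROOT"/*/send_redirects; do
        [ -e "$f" ] || continue
        echo 0 > "$f"
    done
}

# Stand-alone use: "check" reports, "apply" disables and then reports.
case "${1:-}" in
    check) redirecting_ifaces ;;
    apply) disable_send_redirects; redirecting_ifaces ;;
esac
```

The writes do not survive a reboot, so the `apply` step has to run from a boot script such as the /etc/rc.local file mentioned in the post.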