Firewall Wizards mailing list archives
Re: Blocking scanning from outside
From: Chris Brenton <cbrenton () sover net>
Date: Wed, 19 Jan 2000 08:03:15 -0500
James Wilson wrote:
We have a FW-1 box set up at the perimeter with a rule that blocks any any from outside, but when I run a scan using WinSockPingProPack it appears to see individual addresses behind the firewall. It does not see any information on them such as ports open etc. but it does list the IP as there.
Actually, you can see some port information. Try TCP or UDP 53. Oh ya, did you notice that your above scan was not logged? ;)
Is there a special rule needed to make those invisible, or is private addressing the only way to block this (since they don't route from outside)?
You need to nuke the default Properties settings. See: http://www.geek-speak.net/fw1/fw1_properties.html HTH, Chris -- ************************************** cbrenton () sover net * Multiprotocol Network Design & Troubleshooting http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet * Mastering Network Security http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
Current thread:
- PC Anywhere: Allow, with NAT, under FW-1 Cannella, Michael (ISS Southfield) (Jan 15)
- Blocking scanning from outside James Wilson (Jan 18)
- Re: Blocking scanning from outside Chris Brenton (Jan 19)
- Re: Blocking scanning from outside Joe Matusiewicz (Jan 19)
- Blocking scanning from outside James Wilson (Jan 18)