mailing list archives
Re: Checkpoint NG3 ICMP Flood
From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Mon, 18 Dec 2006 21:04:00 +0100 (CET)
On Mon, 18 Dec 2006, bdmoraes () bol com br wrote:
I have one checkpoint NG3 in my company and verifying in Tracking i have tousands of events with ICMP type 8 and type
The events has origin in my internal networks, with one problem .. the Source IP is my PAT address for internal hosts
Is there any bug of Checkpoint? Anyone already seen this event?
I will go verify with sniffers and other tools, but this IP (Only for PAT) is no routeable in my internal networks...
I strongly doubt you found a bug in the software. Your report is missing
- Exact Check Point version (fw ver)?
(Did you apply the minimal required HFA on NG FP3?)
- How did you configure this PAT exactly?
At this point this report is in fact pointless and more of FUD message.
hvdkooij () vanderkooij org http://hvdkooij.xs4all.nl/
This message is using 100% recycled electrons.