-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: railwayclubposse_at_hushmail.com
> [mailto:railwayclubposse_at_hushmail.com]
> Sent: Tuesday, May 15, 2001 10:49 AM
>
> You get the same results if the default Checkpoint ports are closed. You
> still need to find one or two open ports, but they don't have to be on the
> firewall itself. The giveaway is in how the headers are rewritten for
> one-to-many NAT.

Uhm... I'm confused. I assume you mean ports of statically natted
machines. I connect from the Internet through the FW-1 to a host
behind it. That is a one-to-one NAT. What is rewritten in the
headers that would identify the screening fw as a FW-1 machine? I
mean IP addresses are obviously changed. What other header
information (i.e. flags, options) is changed in the packet coming
from the host? I understand that I should expect a certain option set
in a response packet (depending on OS and my request packet), I
understand the process, I'm not questioning this. Just would like to
know what is reset/changed in the TCP or UDP packet. (Let's ignore
ICMP). Point me to an article or FAQ please.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.
iQA/AwUBOwGhf5ytSsEygtEFEQIvsACgoTtMFV/4RxlUGwGFKpzMVkGXkDMAmgMa
jgNg9+TBLNivSvLJZFdJHhex
=K0ok
-----END PGP SIGNATURE-----
Received on May 16 2001