Search results for query: *

If there is no separate network for the DMZ, so it's not a DMZ! Hicham

Hi Yardyy, The problem you are facing is a routing problem. As in the CP guide: "Enabling Accept ICMP does not enable ICMP Redirect. If you wish to enable ICMP Redirect, you must explicitly do so." But there's a predefined ICMP service in FW-1 which can be used to accept those...

Hi Jacob, As you have said ACL are limited, I advise you to check on the Internet about: Stateful inspection, Anti spoofing wich does not exist on routers. http://www.enteract.com/~lspitz/fwtable.html Hicham Tfaily

Hi Brian, You didn't specify if these double acks are comiing for all types of connections. Some software use multiple TCP connections to establish one application connection. Is it the case? Hicham Tfaily

Hi, Just a clarification: 1- You have to do your scan from server 2 (the DMZ) 2- If the port 1433 is a TCP port superscan can do the job, but if it is a UDP port you can't do this with superscan... If it's a UDP port let me know!

Hi joel, from what you've cited, I can understand that you have an ordinary DMZ which means that your DMZ lies on an interface of your firewall, so when you apply the checkpoint policy it will be applied on all interfaces. All the rules that are in the policy will apply to the machine in the...