This is done easily with the logging features of CheckPoint's Firewall-1.
Let's say that you are tracing a connection through the firewall from an
external user. The user has been allowed to access hosts on the internal
network. This device may be a web server, ftp server or any IP based host.
The firewall rules can be set to log the activity between the protected host
and the external remote user, even if network translation is used.  The log
will show the access attempt, whether it was accepted, rejected (encrypted
or decrypted in the case of VPN module being present), etc... of the
internal "hidden" object and the address of the remote user. I use this
logging tool to test which rules may or may not be working correctly based
on the security policy established and installed on the firewall. My remote
users are encrypted/decrypted through our remote firewall and then any
remote access tool can be used from a home desktop to manage devices on the
internal protected segment. All of this activity is logged at the
management server and can be stored and reported at any time.

Lance Ecklesdafer, CNP
re:Sources, Inc.
[EMAIL PROTECTED]
http://members.tripod.com/ecklesd

-----Original Message-----
From: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Wednesday, January 13, 1999 7:17 PM
Subject: Address hiding


>OK, here's one:
>
>You'd like to use the "address hiding" feature that firewalls provide for
>obvious reasons, but at the same time, there's a requirement for an external
>entity to monitor/track activity based on IP address.  In other words,
>tracing a connection back to the outside interface of one of your firewalls
>is unacceptable --- we need to identify the source address inside the
>firewall as well.  Crazy as it sounds, is this at all possible?
>
>Thanks in advance,
>Jim
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
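
As an added illustration of the approach discussed in this thread (not part of either message, and not Firewall-1's own log format): if the firewall logs both the internal and the translated address for each connection, a report that names only the outside address can be resolved back to the hidden host. The CSV layout, field names and addresses below are constructed for the example.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample records in a hypothetical CSV layout (not a vendor format).
SAMPLE_LOG = """\
time,action,src,sport,xlate_src,xlate_sport,dst,dport
1999-01-13T19:02:11,accept,10.1.1.23,1045,192.0.2.1,10001,198.51.100.7,80
1999-01-13T19:02:40,accept,10.1.1.57,1046,192.0.2.1,10002,198.51.100.7,80
1999-01-13T19:03:05,reject,10.1.1.23,1047,192.0.2.1,10003,198.51.100.9,23
1999-01-13T19:40:00,accept,10.1.1.99,2000,192.0.2.1,10001,198.51.100.7,80
"""

def load_records(text):
    """Parse the CSV text into dicts with typed time and port fields."""
    records = []
    for row in csv.DictReader(io.StringIO(text)):
        row["time"] = datetime.fromisoformat(row["time"])
        for key in ("sport", "xlate_sport", "dport"):
            row[key] = int(row[key])
        records.append(row)
    return records

def resolve_hidden_source(records, seen_at, xlate_src, xlate_sport, dst, dport,
                          window=timedelta(minutes=5)):
    """Return the internal source address for an externally observed connection.

    Translated ports get reused, so a match must also fall inside the time
    window. Returns None when nothing matches and raises when the match is
    ambiguous, since a guess would attribute traffic to the wrong host.
    """
    hits = {
        r["src"] for r in records
        if r["action"] == "accept"
        and (r["xlate_src"], r["xlate_sport"]) == (xlate_src, xlate_sport)
        and (r["dst"], r["dport"]) == (dst, dport)
        and abs(r["time"] - seen_at) <= window
    }
    if len(hits) > 1:
        raise ValueError(f"ambiguous match: {sorted(hits)}")
    return hits.pop() if hits else None

if __name__ == "__main__":
    recs = load_records(SAMPLE_LOG)
    when = datetime(1999, 1, 13, 19, 3, 0)
    print(resolve_hidden_source(recs, when, "192.0.2.1", 10001, "198.51.100.7", 80))
```

The lookup is only as reliable as the clock agreement between the firewall and whoever reports the connection, so the window should cover the expected skew.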
