This may be a common (vulnerable?) configuration. Outside and inside routers ATM interface connect to a Nortel Passport (or similar) which connects to the Internet Service Provider using ATM over Frame-Relay. The passport also interconnects "the inside" networks between remote offices. So public and private traffic goes through same the passport; different virtual circuits, of course. Internal and external routers are physically separate devices (think you're safe eh?). If the outside router gets hacked, can it send forged PDUs to the passport allowing the outside router to impersonate the inside router (connected to the same passport)? Is this the host impersonation issue discussed in RFC 2684 & 2225? Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
