If a firewall is designed correctly, it will not answer any traffic directed at the external IP address. So, in cases where the firewall engineer used a stealth rule it would be most difficult to determine if a firewall even existed at the address you were trying to investigate. In cases where the firewall is configured any differently... well, that is an entirely different matter. I assume you are asking so that you can protect your firewall from port scanners and network mappers. So use a stealth rule and drop (not reject) all traffic addressed to the firewall.

Lance

----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, January 12, 2002 1:15 PM
Subject: determining a ruleset

> Is it possible to determine the ruleset of a firewall over the network?
> Like what the firewall lets in and what it lets out? Kinda like a
> firewall portscan I guess.
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
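
An added example, not part of the original message: a Python check that audits a firewall's own inbound rules for anything that answers unsolicited traffic instead of silently dropping it, as the reply above recommends. It assumes a Linux host whose rules are exported in `iptables-save` format (the thread names no product); the sample ruleset and the function name `audit_input_chain` are constructed for illustration.

```python
import shlex

# Constructed sample in iptables-save format (assumption: the thread names no product).
SAMPLE_RULESET = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
"""

# The same ruleset with the stealth behaviour applied: default DROP, no REJECT.
STEALTH_RULESET = (SAMPLE_RULESET
                   .replace(":INPUT ACCEPT", ":INPUT DROP")
                   .replace("-j REJECT --reject-with tcp-reset", "-j DROP")
                   .replace("-j REJECT --reject-with icmp-port-unreachable", "-j DROP"))


def audit_input_chain(ruleset_text):
    """Return (line_number, finding) pairs for INPUT rules that reply to probes."""
    findings = []
    table = None
    for lineno, line in enumerate(ruleset_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#") or line == "COMMIT":
            continue
        if line.startswith("*"):          # table header, e.g. "*filter"
            table = line[1:]
            continue
        if table != "filter":
            continue
        if line.startswith(":INPUT "):    # chain declaration carries the default policy
            policy = line.split()[1]
            if policy != "DROP":
                findings.append((lineno, f"INPUT default policy is {policy}, not DROP"))
            continue
        tokens = shlex.split(line)
        if tokens[:2] != ["-A", "INPUT"] or "-j" not in tokens:
            continue
        if tokens[tokens.index("-j") + 1] == "REJECT":
            findings.append((lineno, "REJECT sends a reply to the sender; use DROP"))
    return findings


if __name__ == "__main__":
    for lineno, finding in audit_input_chain(SAMPLE_RULESET):
        print(f"line {lineno}: {finding}")
```

The check only covers traffic addressed to the firewall itself (the `INPUT` chain); forwarded traffic is governed by separate rules.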
