Hugo wrote: > > I confiugured firewall (CP 4.1) not to control ip routing, meaning when > firewall is dropped then it is still routing thwe packets. Frewall protexts > hosts that have public ip range, LAN and DMZ. Let's say firewall service > crashes but machine still works and can route the packets, so my networks > (10.0.0.0/16 and 192.168.99.0/24) are exposed. > Question: I think that even if fw service is down then nothing will happen > cause you cannot attack hosts with illegeal ip addresses-they simply won't > be routed back to attacker....but maybe I'm wrong here...I would like to > have some feedback on this.
That's right. If you have non-routable addresses, then any *external* attacker won't be able to see your hosts, unless he gets control of an internal hosts, or your border router... - Mart�n. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
