G'day,
I was just testing some strange NAT stuff, and I noticed that both Windows
NT4 and Linux (2.2.14) don't seem to care about source IP addresses for ICMP
echo-replies.
For example, sitting on the outside, I would ping an inside host, and the
reply would come back from the outside IP address of the router. Ping,
however, didn't care and reported 0% packet loss.
Has anyone else noticed this? Is it just me, or is that a bizarre
implementation choice? It certainly gave me the absolute "what the (*^(&???"
heebie-jeebies.
Cheers,
--
Ben Nagy
Network Security Specialist
Marconi Services Australia Pty Ltd
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
