yep! i think so that this is exactly as doing port translation....
any other ideas....
--- Truman Boyes <[EMAIL PROTECTED]> wrote:
> how is this different than port address translation ?
>
> --truman
>
> On Wed, 27 Jun 2001 [EMAIL PROTECTED] wrote:
>
> >
> > Was looking for some critisism on an idea im working on. Send
> reply's on
> > why it would/woudln't work or if someone has thought of this
> already.
> > The idea is to have the firewall switch the incoming and outgoing
> ports in
> > packets in order to create a "masking" operation between the
> internal and
> > external network. Thus masking the internal port number from being
> read
> > from the outside network. As a incoming packet is received the
> external
> > port number. (ex 80) is interchanged with the internals port used
> (ex
> > 2789). Thus if a Malicious packet was received (buffer overflow) at
> the Web
> > Server (behind the firewall), and the Web server send an ACK back
> with the
> > reply port as being 80, the packet is logged and discarded through
> the use
> > of an ACL. The following document is a packet example:
> >
> > Look forward to your replies.
> >
> > Sincerely,
> >
> > Josh Robinett
> >
> > (See attached file: example.txt)
> >
> >
> >
> >
> >
> >
> >
> >
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
=====
Image by FlamingText.com
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
