The problem with that however is that disabling ICMP echo-replies does not hide the IP addresses in traceroute you simply get a "no response" message back. You still get a complete map of the network path, only without hostnames.
Whaddaya think? Marc >>> "Laura A. Robinson" <[EMAIL PROTECTED]> 03/06/02 11:29AM >>> NAT is designed for more than just obscuring IPs, and if IPSec is in use in this environment, it will negate the ability to use IPSec in transport mode. Without knowing why the OP isn't using NAT, it may not be feasible for his environment. Disallowing ICMP reply packets would achieve the requested result without requiring significant modification. Just my two cents. Laura ----- Original Message ----- From: "Network Operations" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, March 06, 2002 2:21 PM Subject: Re: How to hide IP's in Trace That is exactly what NAT is designed to do. Here are a few links that will steer you in the right direction. good luck! http://www.cisco.com/warp/public/556/12.html http://www.cisco.com/warp/public/707/21.html >>> "Amarnath Gutta" <[EMAIL PROTECTED]> 03/06/02 10:55AM >>> Hi All, I have Private IP's address in my network which I want to conceal in traceroutes. Say a customer traces to any IP on internet he is able to map my private network also which I want to prevent. So how can I hide the private ip's in the traceroutes. I use cisco routers. Any suggestions are welcome. Regards Amar _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
