Depending on what you're trying to test even with smart defense in monitor mode or manually turned off for every setting Nessus or other network scanners won't be able to fully test the devices behind the firewall. The drops that I saw when doing this (sniffing both inside/outside interfaces of the firewall and comparing) were mainly TCP and low-level IP packet header tests. (ie, the setting of various bits in the headers, information gathering type attacks et al).
It was a while since I did that capture (this was when R55 came out or there-abouts) and the same thing happens to various extents with every firewall (pix; checkpoint (nokia/splat/solaris); netscreen) and it's mainly due to the lower level OS is my guess not really the firewall code itself. If you do scan through your system and are able to do a sniffer trace on both sides for a comparison of the packet flow please let us know what you find. I probably won't be able to do another such test for several more months. Steve ************************************************************************* The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system. Thank you. ************************************************************************* ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
