Yes, one has to be physicly on the firewall, or has some sort of a session
(telnet or rexec...) to the firewall.
Usualy in a "secure" situation this is not the case. I know of Firewalls
where you'll be escorted by a securityguard to work physicly on the
Firewalls.
Lupinum
Scott Friedman wrote:
> Wouldn't that only be if someone is actually ON the firewall box itself?
>
> In our case nobody is..
>
> Scott J. Friedman
> Senior Systems Administrator
> Microsoft Certified Systems Engineer
> Email : [EMAIL PROTECTED]
> Phone : 313-253-3656
> Cell Phone : 313-220-6916
> AOL IM : SJF403
>
> -----Original Message-----
> From: Lupinum [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 14, 2000 1:32 PM
> To: Scott Friedman
> Cc: 'Padden, Greg'; '[EMAIL PROTECTED]'
> Subject: Re: [FW1] Inbound, outbound, or eitherbound?
>
> True, but it doesn't check packets from the firewall to internet or
> local LAN! So you better trust the firewall and everyone on it
> completely.
>
> Lupinum.
>
> Scott Friedman wrote:
>
> > Inbound checks the packet when it gets to the firewallOutbound checks
> > it after it has been routed from one NIC to the other before sending
> > it outso a packet from the INternet would be checked when it gets to
> > the external IF of the firewall. A packet from the local LAN would be
> > checked once it hit the internal IF of the firewall.Eitherbound checks
> > the packet when it gets to both NIC's, so a packet from the Internal
> > LAN to the Net would be checked when it hit the internal IF, then
> > routed to the external IF, checked again, then (if accept or encrypt)
> > is sent on it's way.I use Inbound always. Eitherbound is double
> > checking, double the performance hit. Scott J. Friedman
> > Senior Systems Administrator
> > Microsoft Certified Systems Engineer
> > Email : [EMAIL PROTECTED]
> > Phone : 313-253-3656
> > Cell Phone : 313-220-6916
> > AOL IM : SJF403
> >
> > -----Original Message-----
> > From: Padden, Greg [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, August 14, 2000 12:17 PM
> > To: '[EMAIL PROTECTED]'
> > Subject: [FW1] Inbound, outbound, or eitherbound?
> >
> > So what are other people using for this Property for
> > applying the ruleset to the firewall's interfaces?
> >
> > I was using Eitherbound, but was told that changing this to
> > Inbound would gain me some performance.
> >
> > Does anybody know any drawback to changing to Inbound?
> >
> > Network Engineer, MSCE, CCNA
> > Information and Telecommunications Services
> > King County
> > 700 5th Ave, Suite 1800
> > Seattle, WA 98104
> > (206)263-4804 Fax (206)263-4834
> > <<Padden, Greg.vcf>>
> >
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
