lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 18 Dec 2006 21:04:00 +0100 (CET)
From: Hugo van der Kooij <hvdkooij@...derkooij.org>
To: Bugtraq mailinglist <bugtraq@...urityfocus.com>
Subject: Re: Checkpoint NG3 ICMP Flood

On Mon, 18 Dec 2006, bdmoraes@....com.br wrote:

> I have one checkpoint NG3 in my company and verifying in Tracking i have tousands of events with ICMP type 8 and type 17.
>
> The events has origin in my internal networks, with one problem .. the Source IP is my PAT address for internal hosts to internet.
>
> Is there any bug of Checkpoint? Anyone already seen this event?
>
> I will go verify with sniffers and other tools, but this IP (Only for PAT) is no routeable in my internal networks...

I strongly doubt you found a bug in the software. Your report is missing 
crucial information.
  - Exact Check Point version (fw ver)?
 	(Did you apply the minimal required HFA on NG FP3?)
  - How did you configure this PAT exactly?

At this point this report is in fact pointless and more of FUD message.

Hugo.

-- 
 	hvdkooij@...derkooij.org	http://hvdkooij.xs4all.nl/
 	    This message is using 100% recycled electrons.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ