[fw-wiz] Help
- From: Dave Piscitello <dave@xxxxxxxxxxx>
- Date: Wed, 15 Nov 2006 07:25:37 -0500
Can I ask some of you who live behind commercial firewalls to do the following DNS dig for a small study I would like to conduct?
dig hk ns +bufsize=4096 @203.119.2.18 > <file>
If you could tell me the OS you used to dig, the firewall between your resolver and the name server and if you know, the firewall SW version, you'd really make my day. BTW, if you don't get an answer, that is a very useful data point.
I am trying to gather some anecdotal evidence regarding how firewalls deal with EDNS0 responses (esp. DNS messages > 512) and AAAA records.
I have results for
Netscreen (ScreenOS V5.30r3, 4.0.3r4.0)
Sonicwall (SonicOS Standard 3.1.0.7-77s)
Cisco PIX version 7.2.1
Cisco C2600 IOS 12.2(37)
Watchguard FBX1000 (Fireware v8.2)
I could really use some data from current and previous versions of Checkpoint, Symantec, Sidewinder, Fortinet to help fill out the "market share tested" pie chart.
begin:vcard
fn:David Piscitello
n:Piscitello;David
adr;dom:;;3 Myrtle Bank Lane;Hilton Head;SC;29926
email;internet:dave@xxxxxxxxxxx
x-mozilla-html:FALSE
url:http://hhi.corecom.com/weblogindex.htm
version:2.1
end:vcard
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] Help
- From: Utz, Ralph
- Re: [fw-wiz] Help
- References:
- Re: [fw-wiz] bypassing PIX limitation
- From: David Swafford
- Re: [fw-wiz] bypassing PIX limitation
- From: Paolo Supino
- Re: [fw-wiz] bypassing PIX limitation
- From: Marcus J. Ranum
- Re: [fw-wiz] bypassing PIX limitation
- From: Chris Blask
- Re: [fw-wiz] bypassing PIX limitation
- Prev by Date: Re: [fw-wiz] Mis-attribution - Re: How automate firewall tests
- Next by Date: Re: [fw-wiz] firewalls and routers
- Previous by thread: Re: [fw-wiz] bypassing PIX limitation
- Next by thread: Re: [fw-wiz] Help
- Index(es):
Relevant Pages
|
|
