RE: Traceroute question



Hi there.

I've seen this scenario under Firewall implementations and NAT/PAT usage,
not just on Cisco, but other vendors as well. I'm not entirely sure, but my
thoughts are that either the host and the NATing device both reply with
the same IP: the one known to the world... And the Firewall is not dropping
correctly outside connections.

Regards.

OA.

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
To: Becky Nelson; pen-test@xxxxxxxxxxxxxxxxx
Sent: 12/28/2006 6:20 PM
Subject: re: Traceroute question

From: listbounce@xxxxxxxxxxxxxxxxx on behalf of Becky Nelson
Sent: Wed 12/27/2006 8:36 PM
To: pen-test@xxxxxxxxxxxxxxxxx

I am running a traceroute and have two hops that report the same
address. Could someone please explain what would cause this? I
suspect that this is some type of firewall?

Regards,

Ralf

Becky...err Ralf,

Possibly load balanced network(s) in between you and
the traced destination.


