RE: Basic NAT / Firewall Question
- From: "David Gillett" <gillettdavid@xxxxxxxx>
- Date: Fri, 18 Aug 2006 14:21:18 -0700
This is almost certainly up to the firewall admin, how much
the firewall filters and how much it forwards to the NATted
destination.
A very basic question is: Is the firewall doing port-forwarding
(traffic to port ZZ gets translated and forwarded to the server),
or static NATting (non-filtered(!) traffic for public address x.x.x.x
gets translated and forwarded to private address y.y.y.y)?
Also open is what the firewall does with a filtered port --
does it silently drop the traffic, or respond via ICMP and,
if the latter, does it provide the *same* response that a
blocked port at the host does? (Probably not, since the
source address will be of the firewall rather than the NATted
destination....) Some firewall models offer the admin more
choice in this regard than others.
David Gillett
-----Original Message-----
From: thatch [mailto:leethatcher@xxxxxxxxx]
Sent: Friday, August 18, 2006 10:29 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Basic NAT / Firewall Question
Forgive me if this question seems pretty basic, but could
anyone explain this to me?
I'm performing a practice assessment and I have located an IP
of a web-based mail server (OWA). This server is sitting
behind a hardware firewall (say PIX or Checkpoint) that is
NATing the IP address to an internal non-routable address.
Now, if I use a tool such as Nmap to scan that external IP,
are my scan results influenced by the firewall? Do firewalls,
when NATing, take all traffic from the external IP and pass it
to the internal network and expect the server to have the
remaining services closed down, or do they only take traffic
destined for a port and drop everything else? If it's the
latter, when I scan am I only scanning the 1 port that is
allowing traffic to be forwarded to it?
Is there a way of determining if the firewall is blocking the
traffic to the other ports or if the Server has been locked
down and is blocking them?
Any help would be appreciated.
Regards
Thatch
--
View this message in context:
http://www.nabble.com/Basic-NAT---Firewall-Question-tf2128555.html#a5874111
Sent from the Security Basics forum at Nabble.com.
--------------------------------------------------------------
-------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of
Academic Excellence
in Information Security. Our program offers unparalleled
Infosec management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this
esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
--------------------------------------------------------------
-------------
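The cases distinguished in the reply above (port-forwarding versus static NAT, and silent drop versus an ICMP response sent from the firewall's own address) can be put side by side in a small model. This is an added example, not code from the thread; the addresses, ports, and all class and function names are constructed, and it assumes the firewall treats every port it does not pass according to a single block policy.

```python
from dataclasses import dataclass, field

# All addresses, ports and policy values are constructed for illustration.
FW_ADDR = "203.0.113.1"       # firewall's own outside interface
PUBLIC_ADDR = "203.0.113.10"  # public address translated to the server

@dataclass
class Firewall:
    mode: str                                    # "port-forward" or "static-nat"
    forwarded: set = field(default_factory=set)  # ports passed in port-forward mode
    filtered: set = field(default_factory=set)   # ports blocked in static-nat mode
    on_block: str = "drop"                       # "drop" (silent) or "reject" (ICMP)

def host_reply(port, listening):
    """What the server itself does with a TCP SYN that reaches it."""
    return "SYN-ACK" if port in listening else "RST"

def probe(fw, listening, port):
    """Return (reply, source address) as seen from outside, or ("none", None)."""
    if fw.mode == "port-forward":
        passes = port in fw.forwarded
    else:  # static NAT: everything not filtered is translated and forwarded
        passes = port not in fw.filtered
    if passes:
        # The server answers; NAT rewrites its source to the public address.
        return host_reply(port, listening), PUBLIC_ADDR
    if fw.on_block == "reject":
        # The firewall answers itself, so the ICMP source is its own address.
        return "ICMP-unreachable", FW_ADDR
    return "none", None

def survey(fw, listening, ports):
    """Outside view of every port in `ports` for one firewall configuration."""
    return {p: probe(fw, listening, p) for p in ports}

if __name__ == "__main__":
    listening = {25, 443}  # services actually running on the server
    configs = {
        "port-forward 443, drop": Firewall("port-forward", forwarded={443}),
        "static NAT, filter 25, drop": Firewall("static-nat", filtered={25}),
        "static NAT, filter 25, reject": Firewall(
            "static-nat", filtered={25}, on_block="reject"),
    }
    for name, fw in configs.items():
        print(name, survey(fw, listening, [25, 80, 443]))
```

In the model, a reply carrying the public address means the packet reached the server, while silence or an answer from a different address means the firewall handled it, whatever the server's own state on that port.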