Firewalls: Re: Problem passing PING

Firewalls
(November 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Problem passing PING
From:	Nick Simicich <njs @ scifi . squawk . com>
Date:	Sat, 9 Nov 1996 00:31:09 -0500 (EST)
To:	Rabid Wombat <wombat @ mcfeely . bsfs . org>
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	<Pine . BSF . 3 . 91 . 961108171823 . 24527A-100000 @ mcfeely . bsfs . org>

On Fri, 8 Nov 1996, Rabid Wombat wrote:

> Hi all:
> 
> Was wondering if anybody had seen this one:
> 
> Using Novell's PING.NLM, we can ping any internal address with the 
> default "payload" size of 40 bytes. We can't ping any addresses outside a 
> Checkpoint firewall.
> 
> If the "payload" size is increased to 48 bytes, everything works fine.
> 
> All other pings work, including Novell's TPING sent from the same system.
> 
> Can't look at the actual packets - loaned out the protocol analyzer  :(
> 
> Any ideas?

Maybe they are filtering on fragment size?  (Yes, I know that this packet 
is probably not a fragment, but they may just be filtering on size).  
There are many reasons for not passing fragments that only pass one octet 
of data.

Eat a package of natto first thing in the morning and nothing worse can happen  to you for the rest of the day.
Nick Simicich-njs @
 scifi .
 squawk .
 com 
(last choice)-nick_simicich @
 bocaraton .
 ibm .
 com
http://scifi.squawk.com/njs.html -- Stop by and Light Up The World!

References:

Problem passing PING
From: Rabid Wombat <wombat @ mcfeely . bsfs . org>

Indexed By Date	Previous:	Re: Plain-text passwords From: Kent Crispin <kent @ songbird . com>
Indexed By Date	Next:	ssh licensing From: Kent Crispin <kent @ songbird . com>
Indexed By Thread	Previous:	Problem passing PING From: Rabid Wombat <wombat @ mcfeely . bsfs . org>
Indexed By Thread	Next:	[no subject] From: "Alex Ponti" <aponti @ interbusiness . it>