Great Circle Associates Firewalls
(December 1997)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: How many hosts do I have??
From: "Ufuk M. Fakioglu" <fakioglu @ infonet . com . tr>
Organization: InfoNet Information Technologies Inc.
Date: Mon, 22 Dec 1997 09:25:20 +0200
To: Can Baysal <baysalc @ boun . edu . tr>
Cc: firewalls @ GreatCircle . COM
References: <349D6BB1 . 46BEE8ED @ boun . edu . tr>
Reply-to: fakioglu @ infonet . com . tr

Hi Can,

This is neither an attack nor a bug. The thing is with single gateway
products (so does checkpoint call them) you have to specify the external
interface so that the fw really knows which hosts are internal and which
are not. in case you don't specify the external if, fw-1 behaves as if
all the IP addresses he encounters as internal addresses and that's why
he thinks you have violated the license.

By the way from whom did you purchase fw-1? Because InfoNet, which is a
pure BOUN company (Assoc Prof Kemal Ciliz is the CEO, and i am the
managing director (BS BOUN EE)) has been doing firewall business for
three years alrady, and i did not know you had a fw at boun.

Can Baysal wrote:
> Hello;
>         Here in BoUn we are running FW-1 for a small part of our network. Mail,
> news, www etc. servers are behind the firewall. Especially because of a
> tight budget (a state funded University) and a heavy network traffic, we
> did not get all of the campus network behind FW-1. So that a small
> license (only for 25 hosts I think) was (in fact still is) good enough
> for our needs.
>         However, last week when I reboot the system, during the boot up, I had
> a warning from firewall software, which states that "There are more
> hosts than 25" and if I could contact my reseller. Although this is a
> typical license violation message, our reseller (seems to) do not take
> this quite seriously. They did not send anybody at that day and the day
> after they could not find any time to come here (due to a serious(!)
> problem in another customer, who, if I'm not wrong, runs FW-1 on an NT
> box, which is a problem by itself)
>         The important thing is, while FW-1 is thinking that there are more than
> 25 internal hosts, there are only 8 of them, in physically realty , and
> in configuration files. It claims many foreign (quite foreign, what
> about !!) hosts as its internal hosts.
>         Any idea, how and why this happened, and is this position harmful? I do
> not like the idea of seeing external hosts as internal ones. If this is
> a kind of attack, it should be a very serious one. I could not find any
> extraordinary (this is a school, you know, small attacks are daily
> issue) hacking attempt on our systems.
>         Regards;
> --
> -------------------------------------------------------------------
> |  Can Baysal <baysalc @
 boun .
 edu .
 tr> |        System Manager       |
> -------------------------------------------------------------------
>                 never cared for what they say
>                 never cared for games they play
>                 never cared for what they do
>                 never cared for what they know
>                 and I know

Indexed By Date Previous: Split DNS configuration
From: Yinan Yang <YYANG @ nla . gov . au>
Next: RE: (Off Topic) Duplicate Messages?
From: Martin Hepworth <martin . hepworth @ blackwell . co . uk>
Indexed By Thread Previous: Re: How many hosts do I have??
From: Jonathan Care <jonc @ netcetera . co . uk>
Next: Re: configuring Ciscos' As proxy
From: Fyodor <fygrave @ freenet . bishkek . su>

Search Internet Search