|
|
#1
May 17th, 2003, 09:14 PM
|
|||
|
|||
Backtracing Capabilities in Software Firewalls
Is the backtracing feature in software firewalls effective, say if someone was using a proxy?
Ive read in an article that by examining the TTL field in an IP header you can at least tell how many hops this packet has traveled. Though the author also mentioned that this is no longer very effective either. Thanks again
__________________
The internet is a great way to connect to the net. |
|
#2
May 18th, 2003, 04:36 AM
|
||||
|
||||
|
Re:Backtracing Capabilities in Software Firewalls
Quote:
Hello, I should not recommend using this kind of tool : if it's really an attack nobody is stupid enough to do it with is real IP. I it's just a probe to find weak machines the only result is that the scriptkiddie now knows for sure there is someone at your address  Better to use online tool like VisualRoute Demo from their site : the potential attacker will not see it's coming from you IP Rgds,
__________________
JacK http://www.optimix.be.tf http://www.websecurite.org |
|
#3
May 18th, 2003, 06:23 AM
|
|||
|
|||
|
Re:Backtracing Capabilities in Software Firewalls
Hi JacK,
is VisualRoute similar to NeoTrace Pro? It looks quite the same. Any knowledge about that? Regards, Patrice
__________________
I know nothing except the fact of my ignorance. (Socrates 470-399 bc) |
|
#4
May 18th, 2003, 12:14 PM
|
|||
|
|||
|
Re:Backtracing Capabilities in Software Firewalls
I was wondering because when people get something in their firewall log or get an alert that they are being port scanned or pinged (numerous amounts of time), the first instinct is to usually check the log and the IP of the intruder. But as Jack mentioned, a lot of people today aren't going to conduct an attack from their own IP. So how effective are logs and the backtracing feature in firewalls? Are they only effective in telling the user of the origin of the last packet destination? Or are they effective enough to offer as proof to an ISP if someone is in violation of their ISP's TOS?
Thank you again
__________________
The internet is a great way to connect to the net. |
|
#5
May 18th, 2003, 01:47 PM
|
||||
|
||||
|
Re:Backtracing Capabilities in Software Firewalls
Thanks for the info on VisualRoute Demo
Evern though I know I shouldn't be using the back trace funtion in Sygate, I still do. ooppssss. I will give Visual Route a try con |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
