Full Disclosure mailing list archives

Re: PIX vs CheckPoint

From: Laurent LEVIER <llevier () argosnet com>
Date: Wed, 30 Jun 2004 20:23:23 +0200

At 10:29 30/06/2004, Cyril Guibourg wrote:

AFAIK, a PIX can operate without NAT. Did I miss something ?

Yes, NAT can be disabled on Pix.
See the 'nat' command.

Simply put the appropriate line syntax and it will behaves as a normalFirewall.But only behaves because no routing daemon, and Pix keeps managing packetsas a NAT box, he just does not change the source IP


Brgrds

Laurent LEVIER
Systems & Networks Security Expert, CISSP CISM

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

PIX vs CheckPoint Darkslaker (Jun 29)
- Re: PIX vs CheckPoint David T Hollis (Jun 29)
- Re: PIX vs CheckPoint John Kinsella (Jun 29)
- Re: PIX vs CheckPoint Laurent LEVIER (Jun 29)
  - Re: PIX vs CheckPoint Cyril Guibourg (Jun 30)
    - Re: PIX vs CheckPoint Jaroslaw Sajko (Jun 30)
    - Re: PIX vs CheckPoint Laurent LEVIER (Jun 30)
- <Possible follow-ups>
- RE: PIX vs CheckPoint James Patterson Wicks (Jun 29)
  - RE: PIX vs CheckPoint Eric Paynter (Jun 29)
    - RE: PIX vs CheckPoint Gary E. Miller (Jun 29)
    - Re: PIX vs CheckPoint John Kinsella (Jun 29)
    - Re: PIX vs CheckPoint Eric Paynter (Jun 29)
    - RE: PIX vs CheckPoint Tom Curry (Jun 29)
    - Re: PIX vs CheckPoint Gary E. Miller (Jun 29)
    - Re: PIX vs CheckPoint Eric Paynter (Jun 29)
    - Re: PIX vs CheckPoint Jeff Kell (Jun 29)
    - Re: PIX vs CheckPoint Matt Ostiguy (Jun 29)

(Thread continues...)