The method by which a firewall blocks a packet from entering its network can reveal which type of firewall it is. For example, the CiscoSecure PIX firewall will send back ICMP type 13 packets, stating that the destination is unreachable, which immediately identifies it as a PIX firewall. This feature can be disabled with the command:

    no ip unreachables

To confuse hackers, some programs such as FireWall-1 can send spoofed replies back to the hacker so that he does not know whether the packet was blocked or actually reached the end host.
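One way to check that this setting is actually in place, as an added example that is not part of the original page: the script below lists the interfaces in a saved configuration that still lack the command. It assumes an IOS-style configuration in which `no ip unreachables` is applied per interface; the sample configuration and the function name are constructed for illustration.

```python
import re

# Constructed sample configuration (IOS-style syntax assumed); not from a real device.
SAMPLE_CONFIG = """\
hostname edge-fw
!
interface Ethernet0
 description outside
 ip address 192.0.2.1 255.255.255.0
 no ip unreachables
!
interface Ethernet1
 description inside
 ip address 10.0.0.1 255.255.255.0
!
interface Ethernet2
 shutdown
!
line vty 0 4
 no ip unreachables
"""

def interfaces_sending_unreachables(config_text, include_shutdown=False):
    """Return names of interfaces whose block lacks 'no ip unreachables'."""
    blocks = {}          # interface name -> list of its sub-commands
    current = None
    for raw in config_text.splitlines():
        header = re.match(r"^interface\s+(\S+)", raw)
        if header:
            current = header.group(1)
            blocks[current] = []
        elif raw.startswith((" ", "\t")) and current is not None:
            # Indented lines belong to the most recent interface block.
            blocks[current].append(" ".join(raw.split()).lower())
        else:
            # Any other unindented line ('!', 'line vty', ...) ends the block.
            current = None
    flagged = []
    for name, cmds in blocks.items():
        if "no ip unreachables" in cmds:
            continue
        if "shutdown" in cmds and not include_shutdown:
            continue
        flagged.append(name)
    return flagged

if __name__ == "__main__":
    for name in interfaces_sending_unreachables(SAMPLE_CONFIG):
        print(f"{name}: ICMP unreachables still enabled")
```

The command under `line vty` is deliberately ignored, since only lines inside an `interface` block count toward that interface.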