Hi Stuart, On Tue, Nov 28, 2006 at 02:56:25PM -0600, Stuart Johnston told us: > I don't have a real answer except to say that I have the same problem > behind a PIX, so it is not just you.
nice to see I'm at least not the only person with this problem ;-) I just took a look at pix NAT configuration (at the place I told about we do NAT on the pix to the mail server on a dmz network). The "static" command used for this on the pix takes an optional argument, "norandomseq" which disables tcp ISN randomization, which was a first suspect for p0f's behaviour on the inside... unfortunately that wasn't it...googling for more information, will come back when I have something new!! Kind regards, Sven -- Linux zion.homelinux.com 2.6.18-1.2849.fc6xen #1 SMP Fri Nov 10 13:56:52 EST 2006 i686 athlon i386 GNU/Linux 23:14:14 up 13 days, 32 min, 1 user, load average: 0.03, 0.25, 0.36
pgpStbuHJI48y.pgp
Description: PGP signature
