This is called PAT (port address translation) and it has been around for about as long as NAT. Most flavors of Unix will do it, as well as most proxy-based commercial firewalls.

-----Original Message-----
From: Joshua.P.Robinett@firstar.com [mailto:Joshua.P.Robinett@firstar.com]
Sent: Wednesday, June 27, 2001 3:39 PM
To: firewalls@pluto.gnac.com
Subject: Firewall port Technology

Was looking for some criticism on an idea I'm working on. Send replies on why it would/wouldn't work or if someone has thought of this already.

The idea is to have the firewall switch the incoming and outgoing ports in packets in order to create a "masking" operation between the internal and external network, thus masking the internal port number from being read from the outside network. As an incoming packet is received, the external port number (ex. 80) is interchanged with the internal port used (ex. 2789). Thus if a malicious packet was received (buffer overflow) at the Web Server (behind the firewall), and the Web server sends an ACK back with the reply port as being 80, the packet is logged and discarded through the use of an ACL.

The following document is a packet example:

Look forward to your replies.

Sincerely,
Josh Robinett

(See attached file: example.txt)

_______________________________________________
Firewalls mailing list
Firewalls@lists.gnac.net
http://lists.gnac.net/mailman/listinfo/firewalls
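An added example, not code from the thread or from any real firewall, modelling the port-swapping scheme Josh describes: inbound packets to the public port are rewritten to the internal service port, replies sourced from the internal port are rewritten back, and a reply that carries the public port as its source finds no entry in the translation table and is logged and dropped. The server and client addresses are constructed.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class PortTranslatingFirewall:
    """Constructed model of the port-swapping firewall from the thread."""
    def __init__(self, server_ip, translations):
        # translations maps public port -> internal service port, e.g. {80: 2789}
        self.server_ip = server_ip
        self.ext_to_int = dict(translations)
        self.int_to_ext = {v: k for k, v in translations.items()}
        self.log = []

    def inbound(self, pkt):
        """Outside -> inside: rewrite the public destination port to the internal one."""
        internal = self.ext_to_int.get(pkt.dst_port)
        if pkt.dst_ip != self.server_ip or internal is None:
            self.log.append(f"DROP inbound {pkt}")
            return None
        return replace(pkt, dst_port=internal)

    def outbound(self, pkt):
        """Inside -> outside: pass only replies sourced from the internal port."""
        external = self.int_to_ext.get(pkt.src_port)
        if pkt.src_ip != self.server_ip or external is None:
            # ACL check: a reply claiming the public port (80) as its source
            # has no entry in the table, so it is logged and discarded.
            self.log.append(f"DROP outbound {pkt}")
            return None
        return replace(pkt, src_port=external)

def demo():
    # Constructed addresses: 10.0.0.5 is the web server, 203.0.113.7 a client.
    fw = PortTranslatingFirewall("10.0.0.5", {80: 2789})
    to_server = fw.inbound(Packet("203.0.113.7", 40000, "10.0.0.5", 80))
    good_reply = fw.outbound(Packet("10.0.0.5", 2789, "203.0.113.7", 40000))
    bad_reply = fw.outbound(Packet("10.0.0.5", 80, "203.0.113.7", 40000))
    return to_server, good_reply, bad_reply, list(fw.log)

if __name__ == "__main__":
    print(demo())
```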