?????????Nmap????????????????????????裩???????????1720???????telnet????????????????????????????δ??????????????????????????????£?
????H.323Э????????з??????????????????????????????????????????????????????????????????????????????????????????????NAT?豸/?????????????Щ??????????????б?????????????????????
??????????NAT??????????????IP????????ALG????????????Щ????????????????????ALG?????NAT???????·?????????????????Cisco??Checkpoint?????????NAT?豸/??????????H.323 ALG?????????
Because H323 traffic is changed every time on the FW to accommodate NAT and payload changed (because this is a TCP connection) the FW has to serve as a proxy between both sides of the connection.
Port scans and telnet do just that: send SYN packets everywhere and wait for a reply without sending any real data. When there is a rule match the 1720 port will answer the packet with a SYN-ACK but if the data is not legitimate the packet will be dropped along the way of the established connection.
?????????Checkpoint????????????????ALG???????????????H.323Э?????????1720???????H.323???????????telnet??????????????????????????????????????????????????????????????