Re: [FW1] Port numbers
Hello,
I'd like to thank everyone for helping me out with my problem.
Also, someone pointed me to this location:
http://www.geek-speak.net/fw1/fw1_properties.html
It contains information about a security hole on FW1 v3.x and 4.x. I made the
recommended changes but ran into one problem. When I deselected 'Accept
Outgoing Packets', the machines in my internal network could not access machines
in my DMZ. I didn't check if they could go out to the internet. With a little
playing around with the settings I noticed that I had to set 'Apply Gateway
Rules to Interface Direction' to 'Eitherbound'; the default is 'Inbound'. Now I
don't know what kind of overhead this causes.
The one thing I didn't understand about the document is this: if the 'Accept
Outgoing Packets' option is set to 'Last', that means it checks all rules before
accepting outgoing packets. Now if I'm right, leaving that option as is will not
create a security hole.
Can anyone shed some light on this?
Thanks,
Joe
jvieira@dmr.com on 04/20/99 05:11:17 PM
To: fw-1-mailinglist@softwhisper.us.checkpoint.com
cc: (bcc: Joseph Vieira/DMR/CA)
Subject: [FW1] Port numbers
Hello
I ran port scan software on my firewall (UltraScan v1.2) to see if anything
was getting in.
Ports 256, 257, 258 showed up as active on the port scanner but on the FW logs
they showed up as dropped (I have a rule that drops anything destined for the FW).
Port 259 did not show up as active but it did not show up on the logs either.
Some of the ports showed up as predefined services on the log
FW1 port 256
FW1_clntaut port 259
FW1_log port 257
FW1_mgmt port 258
Now should I believe the port scanner or the FW logs?
Joe
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================