
Re: [FW1] Heads UP! Service Object Change, Don't Do it...




I use this format for user-defined services but leave the built-in ones
alone (probably a wise move by the sound of it!).

Would be interesting to hear why rename causes problems - perhaps they are
referred to by their "well-known" port names in some lookup file?
Effectively most 'sniffers' will show a service as smtp, ftp etc. and
Checkpoint is expecting to handle in a similar fashion? - i.e. packet
shows ftp type but your rule refers to ftp-21 which doesn't exist so fw1
can't do anything with that rule.

This is my best guess anyway - any other ideas out there?


Tim Higgins



"Cosgriff, Joe" <[email protected]>
Sent by: [email protected]kpoint.com
12/09/00 12:25

To: "'[email protected]'" <[email protected]>
cc:
Subject: [FW1] Heads UP! Service Object Change, Don't Do it...





I am not sure if anyone else has run into this problem but I did in a big
way last night.  I am a little new to Checkpoint FW-1 and I also am trying
to work through an inherited rule base that is + 75 rules.  I am not trying
to make an excuse, just inform you as to my reason for some changes I was
making.  I was going through the rule base yesterday and making name changes
to the services objects.  (i.e. if we had an object that was TCP based and
doing something on a specific port, to make quick review of the rule base;
I changed the object to read TCP-<port#>).  In my overzealous attempt at
simplification I also made the name change to all services, i.e. TCP-telnet
by adding, TCP-telnet-<port#> and to the default objects.  Again, this was
done in the "Service Properties" window under the General- Name tab.  All I
added was the name <telnet-<port#>.  No change was made to the Port number
or the protocol type.  The only thing that was added was the addition of
the port # after the name.  This may sound confusing and let me tell you, it
was very confusing trying to figure it out.  I guess you are never to change
the default service objects.  Being new and having graduated the Checkpoint
class I do not remember anyone ever saying don't change the default
objects.  If anyone knows where this is documented please let me know.  If
anyone is even thinking about changing the object, don't.  I am not sure
why a name change would affect the service but apparently it does.  Hope this
helps at least one person.

Joseph L. Cosgriff



================================================================================

     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================





#**********************************************************************
This message is intended solely for the use of the individual
or organisation to whom it is addressed. It may contain
privileged or confidential information.  If you have received
this message in error, please notify the originator immediately.
If you are not the intended recipient, you should not use,
copy, alter, or disclose the contents of this message.  All
information or opinions expressed in this message and/or
any attachments are those of the author and are not
necessarily those of Hughes Network Systems Limited,
including its European subsidiaries and affiliates. Hughes
Network Systems Limited, including its European
subsidiaries and affiliates accepts no responsibility for loss
or damage arising from its use, including damage from virus.
#**********************************************************************

