
RE: [FW1] Heads UP! Service Object Change, Don't Do it...



I think what you saw *may* have something to do with the reserved words
that the firewall maintains.. ie: TCP.... 

So if you'd called it Freds-Port, you might have been okay... if you see
what I mean?!

I tend to leave the predefined services alone.. and create user defined
services where required with sensible names (preferably those from a
services file).

You might find http://www.portsdb.org useful in finding 'proper' names for
services.

Tom

> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> Sent: Tuesday, September 12, 2000 3:39 PM
> To: Cosgriff, Joe
> Cc: [email protected]
> Subject: Re: [FW1] Heads UP! Service Object Change, Don't Do it...
> 
> 
> 
> 
> I use this format for user-defined services but leave the built-in ones
> alone (probably a wise move by the sound of it !).
> 
> Would be interesting to hear why rename causes problems - perhaps they are
> referred to by their "well-known" port names in some lookup file ?
> Effectively most 'sniffers' will show a service as smtp, ftp etc. and
> Checkpoint is expecting to handle in a similar fashion ? - i.e. packet
> shows ftp type but your rule refers to ftp-21 which doesn't exist so fw1
> can't do anything with that rule.
> 
> This is my best guess anyway - any other ideas out there ?
> 
> 
> Tim Higgins
> 
> 
> 
> "Cosgriff, Joe" <[email protected]>
> Sent by: [email protected]
> 12/09/00 12:25
> To:      "'[email protected]'" <[email protected]>
> cc:
> Subject: [FW1] Heads UP! Service Object Change, Don't Do it...
> 
> I am not sure if anyone else has run into this problem but I did in a big
> way last night.  I am a little new to Checkpoint FW-1 and I also am trying
> to work through an inherited rule base that is + 75 rules.  I am not trying
> to make an excuse, just inform you as to my reason for some changes I was
> making.  I was going through the rule base yesterday and making name changes
> to the services objects.  (i.e. if we had an object that was TCP based and
> doing something on a specific port, to make quick review of the rule base;
> I changed the object to read TCP-<port#>).  In my overzealous attempt at
> simplification I also made the name change to all services, i.e. TCP-telnet
> by adding, TCP-telnet-<port#> and to the default objects.  Again, this was
> done in the "Service Properties" window under the General- Name tab.  All I
> added was the name <telnet-<port#>.  No change was made to the Port number
> or the protocol type.  The only thing that was added was the addition of
> the port # after the name.  This may sound confusing and let me tell you, it
> was very confusing trying to figure it out.  I guess you are never to change
> the default service objects.  Being new and having graduated the Checkpoint
> class I do not remember anyone ever saying don't change the default
> objects.  If anyone knows where this is documented please let me know.  If
> anyone is even thinking about changing the object don't.  I am not sure
> why a name change would affect the service but apparently it does.  Hope this
> helps at least one person.
> 
> Joseph L. Cosgriff
> 
> 
> 
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================


Allasso
Theale House
Brunel Road
Theale, Reading
RG7 4AQ
+44 (0)[email protected]
http://www.allasso.com
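
An added example (not part of the original thread, and not Check Point code) of the practice recommended in the reply above: audit each proposed service-object change so that predefined objects are never renamed and new user-defined objects take their names from a services file. The services-file sample, the `PREDEFINED` set and the function names are constructed for illustration.

```python
# Constructed sample in services-file format: name, port/proto, aliases, comment.
SERVICES_TEXT = """\
ftp      21/tcp
telnet   23/tcp
smtp     25/tcp   mail
domain   53/udp            # name server
http     80/tcp   www
"""

# Assumption: object names treated as predefined and therefore never renamed.
PREDEFINED = {"ftp", "telnet", "smtp"}


def parse_services(text):
    """Map (port, proto) -> canonical service name from services-file lines."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue  # blank, comment-only or malformed line
        port, proto = fields[1].split("/", 1)
        if port.isdigit():
            # First entry for a port/proto pair wins.
            table.setdefault((int(port), proto.lower()), fields[0])
    return table


def audit_change(old_name, new_name, port, proto, table, predefined=PREDEFINED):
    """Return findings for one proposed change; old_name=None means a new object."""
    findings = []
    if old_name is not None and old_name.lower() in predefined:
        findings.append(
            f"refuse: '{old_name}' is predefined; create a new object instead")
    if old_name is None and new_name.lower() in predefined:
        findings.append(
            f"refuse: new object '{new_name}' shadows a predefined name")
    canonical = table.get((port, proto.lower()))
    if canonical and canonical not in new_name.lower():
        findings.append(
            f"hint: {port}/{proto} is '{canonical}' in the services file")
    return findings
```

An empty list means the change touches no predefined object and its name does not conflict with the services file.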
