NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] service 41508



Yes, but I bet you have your clients setup for both incoming and outgoing,
i.e. they are mini servers broadcasting ....

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Tuesday, September 12, 2000 1:21 PM
To: Andy David; [email protected]
Subject: RE: [FW1] service 41508


Yes, but Inoculan updates are requested manually from a desktop in another
subnet, then pushed out to clients when they log into network.  Nothing in
the DMZ requests Inoculan.

Laurin Buchanan, Manager, Internet Services / Webmaster
National Music Publishers Association & The Harry Fox Agency, Inc.
www.songfile.com | www.lyrics.ch | www.nmpa.org



>-----Original Message-----
>From: Andy David [mailto:[email protected]]
>Sent: Tuesday, September 12, 2000 12:24 PM
>To: '[email protected]'; [email protected]
>Subject: RE: [FW1] service 41508
>
>
>Do you use Inoculan?
>
>
>-----Original Message-----
>From: [email protected] [mailto:[email protected]]
>Sent: Tuesday, September 12, 2000 11:12 AM
>To: [email protected]
>Subject: [FW1] service 41508
>
>
>
>Greetings Firewallers:
>
>Does anyone know what might legitimately use service 41508, or a
>vulnerability that is based on this service?  I've checked IANA list, this
>specific port is in the "unassigned" group.  All of a sudden my fw-1 logs
>are flooded with dropped entries to my DMZ broadcast address on this
>service:
>
>Service | source | destination | protocol | rule | length
>41508 | Firewall_External | X.X.X..255 | udp | cleanup | 216
>
>Our FW-1 is 3.0b patch 3068 (yes, I know, upgrade is planned for first week
>in October) on NT4 SP4. We're using NAT and routing valid DMZ addresses to
>the firewall, which then forwards packets to the servers.
>
>I don't like fact that the destination is the firewall_external object, but
>I am unclear on what the difference is between that designation and the
>actual IP address of the external interface of the firewall, which I
>occassionally see in the logs.  Ive taken a quick look at some of the
>standard online & offline references and I'm still unclear as to what this
>might all mean.  Any information you can provide would be greatly
>appreciated.
>
>thanks in advance,
>
>Laurin Buchanan, Manager, Internet Services / Webmaster
>National Music Publishers Association & The Harry Fox Agency, Inc.
>www.songfile.com | www.lyrics.ch | www.nmpa.org
>
>
>
>
>
>===================================================================
>=========
>====
>     To unsubscribe from this mailing list, please see the instructions at
>               http://www.checkpoint.com/services/mailing.html
>===================================================================
>=========
>====
>


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.