[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] service 41508
Yes, but I bet you have your clients setup for both incoming and outgoing, i.e. they are mini servers broadcasting .... -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Tuesday, September 12, 2000 1:21 PM To: Andy David; [email protected] Subject: RE: [FW1] service 41508 Yes, but Inoculan updates are requested manually from a desktop in another subnet, then pushed out to clients when they log into network. Nothing in the DMZ requests Inoculan. Laurin Buchanan, Manager, Internet Services / Webmaster National Music Publishers Association & The Harry Fox Agency, Inc. www.songfile.com | www.lyrics.ch | www.nmpa.org >-----Original Message----- >From: Andy David [mailto:[email protected]] >Sent: Tuesday, September 12, 2000 12:24 PM >To: '[email protected]'; [email protected] >Subject: RE: [FW1] service 41508 > > >Do you use Inoculan? > > >-----Original Message----- >From: [email protected] [mailto:[email protected]] >Sent: Tuesday, September 12, 2000 11:12 AM >To: [email protected] >Subject: [FW1] service 41508 > > > >Greetings Firewallers: > >Does anyone know what might legitimately use service 41508, or a >vulnerability that is based on this service? I've checked IANA list, this >specific port is in the "unassigned" group. All of a sudden my fw-1 logs >are flooded with dropped entries to my DMZ broadcast address on this >service: > >Service | source | destination | protocol | rule | length >41508 | Firewall_External | X.X.X..255 | udp | cleanup | 216 > >Our FW-1 is 3.0b patch 3068 (yes, I know, upgrade is planned for first week >in October) on NT4 SP4. We're using NAT and routing valid DMZ addresses to >the firewall, which then forwards packets to the servers. > >I don't like fact that the destination is the firewall_external object, but >I am unclear on what the difference is between that designation and the >actual IP address of the external interface of the firewall, which I >occassionally see in the logs. Ive taken a quick look at some of the >standard online & offline references and I'm still unclear as to what this >might all mean. Any information you can provide would be greatly >appreciated. > >thanks in advance, > >Laurin Buchanan, Manager, Internet Services / Webmaster >National Music Publishers Association & The Harry Fox Agency, Inc. >www.songfile.com | www.lyrics.ch | www.nmpa.org > > > > > >=================================================================== >========= >==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html >=================================================================== >========= >==== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|