[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] AW: [FW1] How can I block ports 264 & 265?
264 fw1_topo (Check Point VPN-1 SecuRemote Topology Requests) 265 fw1_key (Check Point VPN-1 Public Key Transfer Protocol) see http://www.phoneboy.com/fw1/faq/0345.html Frank > -----Ursprüngliche Nachricht----- > Von: [email protected] > [mailto:[email protected]]Im Auftrag von > Robert Binder > Gesendet: Mittwoch, 11. Oktober 2000 13:15 > An: [email protected] > Cc: [email protected] > Betreff: Re: [FW1] How can I block ports 264 & 265? > > > > Hi, > > there is a rule which allows these ports :-)) > > Its the "Allow FW-1 Control Connections" in the > properties. Firewall-1 uses these ports for the snmp deamons. If > you uncheck this line, you should setup a special rule, above the > stealth rule, which allows these control connections to and from > the management station or probably other internal servers. This > depends on the design and the configuration of the whole > environment at your site. > > Have a closer look to the documents of Lance Spitzner > (www.enteract.com\~lspitz) or the different documents at phoneboy > (www.phoneboy.com). > > Robert > > On Wed, 11 Oct 2000 [email protected] wrote: > > > > > I have performed a basic portscan test from Securityspace against my system > > and found two open ports: > > 264 - tcp- service bgmp > > 265 - tcp- unknown > > > > What should I do to block access through these ports? I don't have any FW > > rule that allows them. > > > > Thanks in advance, > > > > Victoria > > > > Global Manufacturers' Services Valencia (Spain) > > > > > > ================================================================================ > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================================================ > > > > ---------------------------------------- > Robert Binder > IT-Security Consultant > > Integralis, Niederlassung München > Gutenbergstr. 1 > D-85737 Ismaning > Tel: +49-89-94573-235 > Fax: +49-89-94573-119 > http://www.integralis.de/ > > A member of the Articon-Integralis Group > > > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|