Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] BMC Patrol

To: [email protected]
Subject: [FW1] BMC Patrol
From: Daniel Gerber <[email protected]>
Date: Fri, 20 Oct 2000 16:05:58 +1000
Organization: National Services Information Technology Enterprises
Reply-to: [email protected]
Sender: [email protected]

Does anyone have any experience with allowing BMC Patrol through
Firewall-1 4.0 ?

Our Patrol people tell me that they need to run it on TCP, as UDP isn't
working for them or something.   However, they say (and the
documentation agrees) that with TCP you can't tie down the port.
Apparently it uses 1987 to initiate a connection, but then negotiates a
"pseudo-random" port number for that connection, anything above 1500.
Is there any way around this ?   To me it doesn't seem too different
from what ftp or sqlnet2 do, so I thought perhaps there might be a way
to recognise this on the Firewall ?   The Patrol doco says there isn't.

Cheers,

Daniel



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Snort as IDS on Firewall
Next by Date: RE: [FW1] FW-1 plus load-balancing
Previous by thread: Re: [FW1] No License for Encryption
Next by thread: [FW1] rule 0 decryption failure: No 'encryption' or 'fwz' license scheme: FWZ --- Securemote
Index(es):
- Date
- Thread