--- Begin Message ---
Title: Re: [FW1] ftp server using random high ports and checkpoint
I have checked the properties. It's been enabled. The problem is still
here :-(
----- Original Message -----
From: "Ms. Geekgirl" <[email protected]>
To: <[email protected]>; <[email protected]>;
<[email protected]>; <[email protected]>
Sent: Friday, December 22, 2000 2:48 PM
Subject: RE: [FW1] ftp server using random high ports and checkpoint
>
> easy way is to check the policy->properties->services->enable ftp port
data connections. Or create the rules. I wouldn't open the high ports in the
fashion your thinking.
>
> >From: "Ivan Fox" <[email protected]>
> >Subject: [FW1] ftp server using random high ports and checkpoint
> >Date: Tue, 19 Dec 2000 18:45:00 -0500
> >
> >
> >Some of our users need to access an external ftp server. Therefore, we
> >setup a rule to use port 20 and 21. However, the ftp server responds
their
> >request using random high ports, therefore, we need to setup a "returning
> >rule" allowing the ftp server coming back using high-ports (>1023).
> >
> >Is it typical for ftp server's returning packets using random high ports?
> >Is it "safe/secure" to setup such rule on checkpoint firewall?
> >Any implications that we need to be aware of?
> >
> >Any pointers are appreciated.
> >
> >Thanks,
> >
> >Ivan
> >
> >
> >
> >
> >
>
>===========================================================================
=====
> > To unsubscribe from this mailing list, please see the instructions
at
> > http://www.checkpoint.com/services/mailing.html
>
>===========================================================================
=====
>
>
>
> gg
> (Like a seedling in Spring, green and vulnerable.)
>
> ------------------------------------------------------------
> Email account furnished courtesy of AntiOnline - http://www.AntiOnline.com
> AntiOnline - The Internet's Information Security Super Center!
>
>
>
>
> ==========================================================================
======
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
--- End Message ---