RE: [FW1] ftp server using random high ports and checkpoint
Something is amiss. You should not need to configure the rulebase this way, and no, it is neither safe nor secure... IMHO.

What you are seeing sounds like PASV mode ftp. Are you having problems accessing one ftp server in particular, or are you seeing this on any attempt?

Although you should not need it, I have a document posted at phoneboy that people have told me, with a little modification, has helped them with similar problems.

I feel like I am giving you advice that is not safe, because you really did not post enough info about your environment. Therefore I cheerfully jumped to the conclusions above. Feel free to post details about your situation.

Frank

-----Original Message-----
From: Ivan Fox [mailto:[email protected]]
Sent: Friday, December 22, 2000 4:55 PM
To: Ms. Geekgirl; [email protected]; [email protected]; [email protected]
Subject: Re: [FW1] ftp server using random high ports and checkpoint

I have checked the properties. It's been enabled. The problem is still here :-(

----- Original Message -----
From: "Ms. Geekgirl" <[email protected]>
To: <[email protected]>; <[email protected]>; <[email protected]>; <[email protected]>
Sent: Friday, December 22, 2000 2:48 PM
Subject: RE: [FW1] ftp server using random high ports and checkpoint

> easy way is to check the policy->properties->services->enable ftp port data connections. Or create the rules. I wouldn't open the high ports in the fashion you're thinking.
>
> >From: "Ivan Fox" <[email protected]>
> >Subject: [FW1] ftp server using random high ports and checkpoint
> >Date: Tue, 19 Dec 2000 18:45:00 -0500
> >
> >Some of our users need to access an external ftp server. Therefore, we
> >setup a rule to use port 20 and 21. However, the ftp server responds their
> >request using random high ports, therefore, we need to setup a "returning
> >rule" allowing the ftp server coming back using high-ports (>1023).
> >
> >Is it typical for ftp server's returning packets using random high ports?
> >Is it "safe/secure" to setup such rule on checkpoint firewall?
> >Any implications that we need to be aware of?
> >
> >Any pointers are appreciated.
> >
> >Thanks,
> >
> >Ivan
> >
> >================================================================================
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> >================================================================================
>
> gg
> (Like a seedling in Spring, green and vulnerable.)

[To unsubscribe, send mail to [email protected] with "unsubscribe firewalls" in the body of the message.]
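Added example, not part of the original thread and not Check Point's code: a simplified Python sketch of why tracking the FTP control channel is safer than the blanket high-port "returning rule" asked about. It parses PORT commands and 227 (PASV) replies, permits only the one negotiated data connection, and compares that with a rule letting the server reach any port >1023. The class and function names and the sample addresses are assumptions made for illustration.

```python
import re

# Six comma-separated decimal numbers: h1,h2,h3,h4,p1,p2 (RFC 959 PORT / 227 reply).
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

# Constructed sample values (documentation address ranges, not from the thread).
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
PASV_REPLY = "227 Entering Passive Mode (198,51,100,5,195,80)"

def parse_hostport(line):
    """Return (ip, port) from a PORT command or a 227 reply, else None."""
    verb = line.strip().split(" ", 1)[0].upper()
    if verb not in ("PORT", "227"):
        return None
    m = _HOSTPORT.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

class FtpTracker:
    """One FTP control connection and the data connections it negotiated (hypothetical)."""
    def __init__(self, client_ip, server_ip):
        self.client_ip, self.server_ip = client_ip, server_ip
        self.expected = set()   # (src_ip, dst_ip, dst_port), each usable once

    def control_line(self, from_client, line):
        hp = parse_hostport(line)
        if hp is None:
            return
        ip, port = hp
        is_port_cmd = line.lstrip().upper().startswith("PORT")
        # Only accept an endpoint that belongs to the party announcing it.
        if from_client and is_port_cmd and ip == self.client_ip and port > 1023:
            self.expected.add((self.server_ip, ip, port))   # active: server -> client
        elif not from_client and not is_port_cmd and ip == self.server_ip and port > 1023:
            self.expected.add((self.client_ip, ip, port))   # passive: client -> server

    def allow_data(self, src_ip, dst_ip, dst_port):
        key = (src_ip, dst_ip, dst_port)
        if key in self.expected:
            self.expected.discard(key)   # one connection per negotiation
            return True
        return False

def blanket_rule(src_ip, dst_ip, dst_port, server_ip):
    """The rule asked about: anything from the FTP server to ports >1023."""
    return src_ip == server_ip and dst_port > 1023
```

The blanket rule accepts a connection from the server to any internal service listening above 1023, while the tracker accepts only the address and port that were just negotiated on the control channel.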