|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] SecRemote: topology download!
By default, Checkpoint enables cleartext topology downloads. I have asked them repeatedly for about 3 years to change this (and a couple of other) default settings.
>From: Christoph Nagelreiter
>To: "Secure 1 Mailing List (E-Mail)"
>Subject: [FW1] SecRemote: topology download!
>Date: Thu, 1 Feb 2001 15:07:45 +0100
>
>
>Hi,
>
>My SecRemote (SP-2 DES) client works great, but:
>
>The download of the topology is no problem. I used a sniffer (TCP port 264)
>to examine the topology download from our FW-1 over the Internet to my
>client.
>In the sniffer´s log file i found the whole topology in !!plaintext!!
>
>I don´t think that is okay, or?
>Do i have to use another encryption scheme?
>Can anyone who is maybe in the same "network area" as my client and he knows
>the Checkpoint software, listen to TCP port 264? ( He can get the FW-1 IP
>Address and more)
>
>Thank you.
>
>ChrisN
>
>
>
>================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>================================================================================
Get your FREE download of MSN Explorer at http://explorer.msn.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|