NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] userc.C




----- Original Message -----
From: <[email protected]>
To: "Rafiyq Mondesir" <[email protected]>
Cc: <[email protected]>
Sent: Saturday, March 10, 2001 10:41 PM
Subject: Re: [FW1] userc.C


>
> Hi Rafiyq,
>
> On Fre, Mär 02, 2001 at 01:15:21 -0800, Rafiyq Mondesir wrote:
> > My question is regarding the use of the userc.C file on the SecureRemote
> > Client.  It seems that this file contains details about the firewall on
> > which the client is supposed to connect to in order to establish VPN
> > connectivity.  Contained in the file is the DNS name and the IP address
of
> > the external and internal interfaces of the firewall.  It seems to me
that
> > this information undermines the Stealth and Hiding that one may
otherwise
> > wish to implement on the Firewall1VPN product.  Is there another way or
an
> > alternative that would make this information "invisible" in the userc.C
file?
>
> SecuRemote needs this information to function, so that would not be
useful.
> Checkpoint could make that information encrypted (password protected), but
> that would require users to give in yet another password.
>

Hi

Add the following entry to your userc.C before starting
securemote/secureclient and adding your site:

:options (
    :...
    :...
    :encrypt_db (true)
)
this will encrypt the entries in userc.C
=> BUT: If the user deletes this entry from userc.C and readds the site
again, the userc.C won't be encrypted.....
A better solution would be if checkpoint adds this option to the dnsinfo.C,
so the end user won't be able to change these settings...the same applies to
the other options in ":options ()"

regards,

mike






================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.