[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] userc.C
----- Original Message ----- From: <[email protected]> To: "Rafiyq Mondesir" <[email protected]> Cc: <[email protected]> Sent: Saturday, March 10, 2001 10:41 PM Subject: Re: [FW1] userc.C > > Hi Rafiyq, > > On Fre, Mär 02, 2001 at 01:15:21 -0800, Rafiyq Mondesir wrote: > > My question is regarding the use of the userc.C file on the SecureRemote > > Client. It seems that this file contains details about the firewall on > > which the client is supposed to connect to in order to establish VPN > > connectivity. Contained in the file is the DNS name and the IP address of > > the external and internal interfaces of the firewall. It seems to me that > > this information undermines the Stealth and Hiding that one may otherwise > > wish to implement on the Firewall1VPN product. Is there another way or an > > alternative that would make this information "invisible" in the userc.C file? > > SecuRemote needs this information to function, so that would not be useful. > Checkpoint could make that information encrypted (password protected), but > that would require users to give in yet another password. > Hi Add the following entry to your userc.C before starting securemote/secureclient and adding your site: :options ( :... :... :encrypt_db (true) ) this will encrypt the entries in userc.C => BUT: If the user deletes this entry from userc.C and readds the site again, the userc.C won't be encrypted..... A better solution would be if checkpoint adds this option to the dnsinfo.C, so the end user won't be able to change these settings...the same applies to the other options in ":options ()" regards, mike ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|