NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] what is port scan ? our IT auditor found hole!! How to close??




>Hi.. Jesus Calvo and dear all... if this is the case, how to close this two 
>port.. as we don't implement VPN here and I remember that there is no rules 
>for 264, 265 ports.  Why it is open?
>
>David
>
>>From: "Jesus Calvo Hernandez" <[email protected]>
>>To: "David Gollop" <[email protected]>
>>CC: "FW1-MailingList \(E-mail\)" <[email protected]>
>>Subject: Re: [FW1] what is port scan ? our IT auditor found hole!!
>>Date: Mon, 19 Mar 2001 13:15:38 +0100
>>
>>
>>HI
>>
>>fw-1 uses these ports for  vpn key exchangement; so if you´ve got a vpn to
>>another fw-1 or to securemote users they must be open in order to permit 
>>key
>>exchanges over the internet.
>>
>>regards
>>
>>
>>----- Original Message -----
>>From: "David Gollop" <[email protected]>
>>To: <[email protected]>
>>Sent: Monday, March 19, 2001 11:06 AM
>>Subject: [FW1] what is port scan ? our IT auditor found hole!!
>>
>>
>> >
>> > Hi..
>> >
>> > 1)My IT auditor told me she run a port scan product on the internet and
>>scan
>> > our firewall internet IP and found our firewall port 264, 265 are opened
>> > Why??  why it is opened??  What is port scan and where to download?
>> >
>> > I found these port are as follows, what is the function of that??
>> >
>> > bgmp 264/tcp    BGMP
>> > bgmp 264/udp    BGMP
>> > #
>> > Dave Thaler <[email protected]>
>> > x-bone-ctl 265/tcp    X-Bone CTL
>> > x-bone-ctl 265/udp    X-Bone CTL
>> >
>> > 2)How to set the alert on checkpoint?  how can we set the condition for
>>the
>> > alert to decide when and what to alert?
>> >
>> > Thanks
>> > David

I bet you've got an 'allow firewall services' rule right at the top.
It could well be this...

--
Ed Rolison
System Administrator
Phone: +44 (0) 1926 455303
http://www.byzantium.com
Byzantium Solutions Ltd


The information contained in this email is confidential and is intended for
the recipient only. The views contained in this email are those of the
author and not necessarily those of the company. If you have received this
email in error, please notify us immediately by reply and then delete it
from your system. Please do not copy it or use it for any purposes, or
disclose its contents to any other person or store or copy this information
in any medium.


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.