[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] reject/drop auth connections??
auth is ident. both are tcp port 113. The firewall objects.C file knows it as ident. Your Windows box with the gui knows it as auth (winnt/system32/drivers/etc/services..). Your log viewer is resolving using its local services file before it resolves using the checkpoint defined services. It should be covered by your 'any MailServer ident reject rule'. -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Tuesday, March 20, 2001 5:36 AM To: [email protected] Subject: [FW1] reject/drop auth connections?? Hi list I installed a new firewall yesterday and in the log I noticed lots of dropped connections to the customer's mail server, the service being "auth" (authentication). Usually I have my firewalls reject "ident" connections directed at mail servers and I think "auth" is also not necessary for standard SMTP exchanges?! My question: Is it okay to drop this service or should I rather reject it, because of the same reason reject is preferred for "ident" (timeout-issue) ? Thanks for any feedback Ralf G. z+z+z+z+z++z++z+z+z+++z+z++z++z+++z+++z+++z++z+z+z+z++z Ralf Guenthner, Senior IT Security Consultant Zentric - IT Security & Groupware Solutions Office Phone: +49-6101-556060 Fax: +49-6101-556065 mailto:[email protected] http://www.zentric.com +z+z+z+z+z++z++z+z+z+++z+z++z++z+++z+++z+++z++z+z+z+z++z ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|