NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] what is port scan ? our IT auditor found hole!! How to close??

  • To: "Volker Tanger" <[email protected]>, <[email protected]>
  • Subject: RE: [FW1] what is port scan ? our IT auditor found hole!! How to close??
  • From: "Adams, Gavin" <[email protected]>
  • Date: Tue, 20 Mar 2001 17:35:40 -0400
  • Sender: [email protected]
  • Thread-index: AcCxKyBdIsBhwmKxQ7yO4dDg4iskNAAWfMmg
  • Thread-topic: [FW1] what is port scan ? our IT auditor found hole!! How to close??
If the auditor was worth his/her salt, being able to come back and state
with a high level of confidence what type of firewall and even the major
version number is always a good finding. ;)

--- Gavin

 -----Original Message-----
From: 	Volker Tanger [mailto:[email protected]] 
Sent:	Tuesday, March 20, 2001 06:34
To:	[email protected]
Subject:	Re: [FW1] what is port scan ? our IT auditor found
hole!!  How to close??


Greetings!

Ed Rolison schrieb:

> >Hi.. Jesus Calvo and dear all... if this is the case, how to close
this two
> >port.. as we don't implement VPN here and I remember that there is no
rules
> >for 264, 265 ports.  Why it is open?

> I bet you've got an 'allow firewall services' rule right at the top.

In the policy editor  do  Policy / Properties  and there on the
"Security Policy"
Tab you will find "Implied Rules" starting near the middle of the
window.  There you
will find the mentioned (probably checked)  "Accept VPN..."

#ifdef flamebait
Just to be nasty:  why did your IT security auditor do not tell you that
you have
the FW1 VPN services enabled (superfluously) - instead of just telling
you the port
numbers?  Any serious auditor for FW1 should IMHO know what these ports
are...
#endif

Bye
    Volker

--

Volker Tanger  <[email protected]>
 Wrangelstr. 100, 10997 Berlin, Germany
    DiSCON GmbH - Internet Solutions
         http://www.discon.de/




========================================================================
========
     To unsubscribe from this mailing list, please see the instructions
at
               http://www.checkpoint.com/services/mailing.html
========================================================================
========




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.