
RE: [FW1] what is port scan ?cannot to FWbox after properties change SOS!!



Ask someone to issue a "fw unload localhost" command on the firewall
console.
Then connect with your gui, change whatever you need to change, and
reinstall the policy.
Beware that after you issue the command and until you reinstall the policy,
your network is unprotected.
If you can telnet to the sun box, you can do it through your telnet console.
Cheers,
Michael.

-----Original Message-----
From: David Gollop [mailto:[email protected]]
Sent: Wednesday, March 21, 2001 8:48 AM
To: [email protected]; [email protected]
Cc: [email protected]
Subject: RE: [FW1] what is port scan ?cannot to FWbox after properties
change SOS!!



Hi.. Dear Gibson, Jesus and all

Sorry I haven't read your mail before I made the change. (uncheck Accept VPN
and Firewall connection and I also uncheck the Accept ICMP) Now I found I
cannot connect to my Sun fw in Tokyo using GUI client. But I still can
telnet into Sun box and check the daemon is running and policy is taking
effect but just connect to it using GUI client.

Can I ask
1) Whether we can still open the fwpolicy (FWGUI) using the console to undo
it.  I cannot physically access the SUN box as I am not in Tokyo but I think
of asking somebody to help?

2) If we cannot connect using console GUI, how are we going to undo it? Can we
do it using command line??

3) When we made the management properties, when does it take effect? After
clicking the OK button?? Or do I need to reinstall the current policy? Why do I
seem to lose connection after I reinstall policy?

4) I have another firewall and I also uncheck the "ACCEPT Firewall-1 control
connections". But we still can connect using Client GUI, but I found the
difference is their entry

The one which Cannot connect, the entry is as follows
APPLY GATEWAY Rules to Interface Direction :Eitherbound

The one still Can connect, the entry is as follows
APPLY GATEWAY Rules to Interface Direction :Inbound

What is meant by inbound and outbound? The firewall is in between the internet
and local LAN, so what do in/outbound refer to??

Pls help if u know  SOS




>From: "Gibson, Brian" <[email protected]>
>To: 'David Gollop' <[email protected]>, [email protected]
>CC: [email protected]
>Subject: RE: [FW1] what is port scan ? our IT auditor found hole!!  How to
>close??
>Date: Tue, 20 Mar 2001 07:18:58 -0500
>
>Go to your management station properties and turn off Accept FW-1
>connections.  Be aware, however, that you need to set up a rule for those
>services so that your management station can properly connect to the box or
>you will not be able to access the FW box after the change.
>
>-----Original Message-----
>From: David Gollop [mailto:[email protected]]
>Sent: Tuesday, March 20, 2001 12:58 AM
>To: [email protected]
>Cc: [email protected]
>Subject: Re: [FW1] what is port scan ? our IT auditor found hole!! How
>to close??
>
>
>
>Hi.. Jesus Calvo and dear all... if this is the case, how to close these two
>ports.. as we don't implement VPN here and I remember that there are no rules
>for 264, 265 ports.  Why is it open?
>
>David
>
> >From: "Jesus Calvo Hernandez" <[email protected]>
> >To: "David Gollop" <[email protected]>
> >CC: "FW1-MailingList \(E-mail\)" <[email protected]>
> >Subject: Re: [FW1] what is port scan ? our IT auditor found hole!!
> >Date: Mon, 19 Mar 2001 13:15:38 +0100
> >
> >
> >HI
> >
> >fw-1 uses these ports for vpn key exchange; so if you've got a vpn to
> >another fw-1 or to SecuRemote users they must be open in order to permit
> >key exchanges over the internet.
> >
> >regards
> >
> >
> >----- Original Message -----
> >From: "David Gollop" <[email protected]>
> >To: <[email protected]>
> >Sent: Monday, March 19, 2001 11:06 AM
> >Subject: [FW1] what is port scan ? our IT auditor found hole!!
> >
> >
> > >
> > > Hi..
> > >
> > > 1) My IT auditor told me she ran a port scan product on the internet and
> > > scanned our firewall internet IP and found our firewall ports 264, 265 are
> > > open. Why??  Why are they open??  What is port scan and where to download?
> > >
> > > I found these port are as follows, what is the function of that??
> > >
> > > bgmp 264/tcp    BGMP
> > > bgmp 264/udp    BGMP
> > > #
> > > Dave Thaler <[email protected]>
> > > x-bone-ctl 265/tcp    X-Bone CTL
> > > x-bone-ctl 265/udp    X-Bone CTL
> > >
> > > 2) How to set the alert on Check Point?  How can we set the condition for
> > > the alert to decide when and what to alert?
> > >
> > > Thanks
> > > David
> > >

================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
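
Added example, not part of the thread and not Check Point code: a small first-match rule model that checks, before the "Accept FireWall-1 control connections" property is unchecked, whether the management station would be locked out (the situation David describes) and whether ports 264 and 265 stay reachable from outside (the auditor's finding). The rule model is a simplification; the service names, the port numbers 256-258 and all addresses are assumptions or constructed sample values.

```python
from ipaddress import ip_address, ip_network

# Service names and ports for FireWall-1 4.x. Only 264 and 265 come from the
# thread; the names and ports 256-258 are assumptions of this example.
MGMT_SERVICES = {"FW1": 256, "FW1_log": 257, "FW1_mgmt": 258}
VPN_SERVICES = {"FW1_topo": 264, "FW1_key": 265}

def first_match(rules, src, dst, port):
    """Action of the first rule matching a TCP connection; no match means drop."""
    for r in rules:
        if (ip_address(src) in ip_network(r["src"])
                and ip_address(dst) in ip_network(r["dst"])
                and (r["ports"] is None or port in r["ports"])):
            return r["action"]
    return "drop"

def effective_rules(explicit, fw_ip, implied_control):
    """Prepend a simplified model of the implied control-connections rule."""
    if not implied_control:
        return list(explicit)
    ports = set(MGMT_SERVICES.values()) | set(VPN_SERVICES.values())
    implied = {"src": "0.0.0.0/0", "dst": fw_ip + "/32",
               "ports": ports, "action": "accept"}
    return [implied] + list(explicit)

def blocked(rules, src, fw_ip, services):
    """Names of the services that src cannot reach on the firewall."""
    return sorted(n for n, p in services.items()
                  if first_match(rules, src, fw_ip, p) != "accept")

# Constructed sample data (documentation address ranges).
FW, MGMT, OUTSIDE = "198.51.100.1", "192.0.2.10", "203.0.113.77"
STEALTH = {"src": "0.0.0.0/0", "dst": FW + "/32", "ports": None, "action": "drop"}
MGMT_RULE = {"src": MGMT + "/32", "dst": FW + "/32",
             "ports": set(MGMT_SERVICES.values()), "action": "accept"}

def scenario(explicit, implied_control):
    """Summarise management lockout and outside exposure for one rule base."""
    rules = effective_rules(explicit, FW, implied_control)
    return {"mgmt_locked_out_of": blocked(rules, MGMT, FW, MGMT_SERVICES),
            "outside_blocked_from": blocked(rules, OUTSIDE, FW, VPN_SERVICES)}

if __name__ == "__main__":
    print("property checked          :", scenario([STEALTH], True))
    print("unchecked, no mgmt rule   :", scenario([STEALTH], False))
    print("unchecked, mgmt rule first:", scenario([MGMT_RULE, STEALTH], False))
```

Only the third rule base both keeps the management station connected and closes 264/265 to outside sources, which is the ordering Brian's reply calls for: add the explicit management rule first, then uncheck the property.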



 