|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] How do you prevent the Firewal operating system from being identified?
If you have SecuRemote users, I believe the answer is you can't prevent someone from finding out what OS the firewall is running on. You will have to have 264/tcp and/or 256/tcp open to the world, unless you know the specific IP addresses of your SecuRemote users. With those ports open to the world, someone can fingerprint the OS using those open ports.
The security servers may pose the same issue.
-idenfw
>From: "Tim Holman"
>To: "Dave Ng Thiam Huat" , "Fernandes, Andy (ANDF)" ,
>Subject: Re: [FW1] How do you prevent the Firewal operating system from being identified?
>Date: Thu, 22 Mar 2001 12:22:07 -0000
>
>
>FW management modules & control connections are all INTERNAL, so an EXTERNAL
>port scan will not pick them up, as they won't be running on the external
>interface.
>It would be quite easily to fingerprint from the internal LAN, but then
>again, if you're on the internal LAN, you probably know you've a Checkpoint
>firewall anyway !
< Good stuff snipped >
> >
> > ----- Original Message -----
> > From: Fernandes, Andy (ANDF)
> > To:
> > Sent: 21 March 2001 20:40
> > Subject: [FW1] How do you prevent the Firewal operating system from being
> > identified?
> >
> >
> > >
> > > Hello all:
> > >
> > > I have been told that it is possible to identify a Checkpoint Firewall's
> > > operating system type, build and version type from the outside by
> > examining
> > > banners and using various fingerprinting techniques. How can a
>Checkpoint
> > > firewall be protected against this vulnerability?
> > >
> > > Andy
> > >
> > >
> > >
Get your FREE download of MSN Explorer at http://explorer.msn.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|