NETWORK PRESENCE

ABOUT

SERVICES

PRODUCTS

TRAINING

CONTACT US

SUPPORT

Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] How do you prevent the Firewal operating system from being identified?

To: [email protected], [email protected], [email protected]
Subject: Re: [FW1] How do you prevent the Firewal operating system from being identified?
From: "iden fw" <[email protected]>
Date: Thu, 22 Mar 2001 15:23:31 -0000
Sender: [email protected]

If you have SecuRemote users, I believe the answer is you can't prevent someone from finding out what OS the firewall is running on. You will have to have 264/tcp and/or 256/tcp open to the world, unless you know the specific IP addresses of your SecuRemote users. With those ports open to the world, someone can fingerprint the OS using those open ports.

The security servers may pose the same issue.

-idenfw

>From: "Tim Holman"

>To: "Dave Ng Thiam Huat" , "Fernandes, Andy (ANDF)" ,

>Subject: Re: [FW1] How do you prevent the Firewal operating system from being identified?

>Date: Thu, 22 Mar 2001 12:22:07 -0000

>

>

>FW management modules & control connections are all INTERNAL, so an EXTERNAL

>port scan will not pick them up, as they won't be running on the external

>interface.

>It would be quite easily to fingerprint from the internal LAN, but then

>again, if you're on the internal LAN, you probably know you've a Checkpoint

>firewall anyway !

< Good stuff snipped >

> >

> > ----- Original Message -----

> > From: Fernandes, Andy (ANDF)

> > To:

> > Sent: 21 March 2001 20:40

> > Subject: [FW1] How do you prevent the Firewal operating system from being

> > identified?

> >

> >

> > >

> > > Hello all:

> > >

> > > I have been told that it is possible to identify a Checkpoint Firewall's

> > > operating system type, build and version type from the outside by

> > examining

> > > banners and using various fingerprinting techniques. How can a

>Checkpoint

> > > firewall be protected against this vulnerability?

> > >

> > > Andy

> > >

> > >

> > >

Get your FREE download of MSN Explorer at http://explorer.msn.com

================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================

Follow-Ups:
- RE: [FW1] How do you prevent the Firewal operating system from being identified?
  - From: "Ionel Chila" <[email protected]>

Prev by Date: [FW1] - expired fragments
Next by Date: Re: [FW1] - expired fragments
Previous by thread: Re: [FW1] How do you prevent the Firewal operating system from being identified?
Next by thread: RE: [FW1] How do you prevent the Firewal operating system from being identified?
Index(es):
- Date
- Thread

ABOUT

SERVICES

PRODUCTS

TRAINING

CONTACT US

SUPPORT

SITE MAP

LEGAL

All contents © 2004 Network Presence, LLC. All rights reserved.