Hi all!,
Last weekend someone did a scan to our firewall and found
port 264 and 265 opened. Those ports are "Check Point VPN-1 Public Key
Transfer Protocol" and "Check Point VPN-1 SecuRemote
Topology Requests" and belong to the first implied rule: Checkpoint
Control Connections.
My question is: Does those ports represent a security
problem? We don't use VPN yet, so, I don't need them. But to close
those ports I will need to eliminate the Checkpoint Control Connections implied
rule, and recreate it manually, as first rule. Does anyone know if this is recommendable?
Which reasons may I have to keep the configuration as it is
now, with those ports open to the world?
Thanks a lot,
Alnz.
Ing. Alonzo Vera Rojas
Consultor en Seguridad de Redes
Cosapi Soft S.A.
Av. Javier Prado Este 4491-Surco. Lima 33, Perú.
Teléfonos:anx 234; Fax: (511)
437-1606;
Nextel:
81.22612
mailto:[email protected]
http://www.cosapisoft.com.pe
The
truth is out there...