
RE: [FW1] Opened port at Firewall-1



Yes, it is highly recommended that you eliminate the implied rules and recreate them manually, and only as needed.
 
See: http://www.cert.org/advisories/CA-2001-17.html.  Implied rules at work!
-----Original Message-----
From: Alonzo Vera [mailto:[email protected]]
Sent: Monday, July 09, 2001 1:13 PM
To: '[email protected]'
Subject: [FW1] Opened port at Firewall-1

Hi all!

 

Last weekend someone did a scan of our firewall and found ports 264 and 265 open. Those ports are "Check Point VPN-1 Public Key Transfer Protocol" and "Check Point VPN-1 SecuRemote Topology Requests" and belong to the first implied rule: Checkpoint Control Connections.

 

My question is: Do those ports represent a security problem? We don't use VPN yet, so I don't need them. But to close those ports I will need to eliminate the Checkpoint Control Connections implied rule and recreate it manually, as the first rule. Does anyone know if this is recommended?

What reasons might I have to keep the configuration as it is now, with those ports open to the world?

 

Thanks a lot,

 

Alnz.

 

 

 Ing. Alonzo Vera Rojas

Network Security Consultant

Cosapi Soft S.A.

Av. Javier Prado Este 4491-Surco. Lima 33, Perú.

Telephones: ext. 234; Fax:;

Nextel: 81.22612

mailto:[email protected]

http://www.cosapisoft.com.pe

 

                                    The truth is out there...

 



 
----------------------------------

   All contents © 2004 Network Presence, LLC. All rights reserved.