Re: [FW1] CERT Advisory and SecuRemote
No, there's no problem with "any firewall [service] allow" rules. (OK, it's possible to attack your firewall with many IKE requests and RDP packets. But there's no way to send data through the firewall, from any source to any destination.)

I just wondered why there was an "any any rdp allow" rule in the implied rules, as everybody knows that "any any [service] allow" is a bad idea and can always be avoided. So I just disabled the implied rules, not thinking to open up a case...

With or without patch, stupid guys (in this case the developers) can always add "any any [service] allow" rules to the rulebase, and fw-1 won't even complain about such rules. I think the next patch should completely reject such rules.

Patrick