[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Filtering HTTP
I am just posting the answer from other folks who just contributed earlier: Hi to all.... Why don't u use CP FW' s security server? (Checking with resource...) For example, if Code Red is the case, Why don't u put a rule above all the http-related rules such as; Source Dest. Service Action Any Any http->with resource Drop And the http->with resource service will be defined as a New Resource ---- URI; URI: Connection Methods:Transparent, Proxy (perhaps not so nec. but doesn't give any headache at least...) Schemes: http (only this will be enough..) Methods: all (so as to guarantee...) Host:* Path:{*/default.ida?*} Query:* Save everythg, and install.... It should be noted that since mostly *.ida is useless, this rule presumably shouldn't harm any Web-Server-based applications... ********************************** Roman Zeltser, @National Computer Center, RSIS & DNE -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Monday, August 06, 2001 12:36 PM To: [email protected] Subject: [FW1] Filtering HTTP We would like to block HTTP traffic using FW-1 destined for pages called "default.ida" on our web servers. Is there a way to do this using FW-1? ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|