Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Re: ICMP

To: [email protected]
Subject: [FW1] Re: ICMP
From: [email protected]
Date: Fri, 17 Aug 2001 10:38:24 +1000
Cc: "Paul Cunningham" <[email protected]>
Sender: [email protected]



Paul,

1)  Log into the GUI as an FW1 Administrator.
2)  Select the File Menu then Open
3)  Highlight the CORRECT "Available Security Policy" and click on Open.  I
would suggest that you do a File Save-As and give the Security Policy a new name
so that your regular administrator can check any changes you may make to the
policy.
4)  Select the Policy Menu then Properties.
5)  On the "Security Policy" tab, deselect "Accept ICMP:" under the "Implied
Rules" section
6)  On the "Access Lists" tab, deselect "Accept ICMP:"
7)  Click OK
8)  Select the Policy Menu then Verify
9)  Select the Policy Menu then Install

If the "Accept ICMP:" options are already deselected then you will probably have
some rules that have a service which has an icon with the word "icmp" on top of
a graphic that looks like a spanner (or wrench depending on what part of the
world you are from) and a service name something like "echo-request" or
"echo-reply".

If you are running FW1 Ver 4.0 or greater then you should be able to right-click
the rule and select "Disable Rule".  If you are running FW1 Ver 3.x then you
will have to delete the offending rules.

Once you have done this then do items 8) & 9) from above.  This should propogate
the rules out to your FW device and drop any ICMP packets from traversing it.

I hope this helps.

Regards,

Ken...



*************************************************************************************************************************
Hello all,

I am a newbie with this software and have been thrust into a situation that
requires me to write a rule for my firewall denying all ICMP traffic. Our
regular administrator is unreachable and we have no tech support. I need to
lock this down to stop a "Smurf" attack on my network. If anyone might be
kind enough to lend me a hand I would appreciate it. I'm sure it's easy for
people who are well versed in the software, but I am looking at it for the
first time today! I'm sure that rule may already be in place, but need to
verify that. I figured out the basics on how to create the rule, but I'm not
sure where the objects should be placed and what, if any, advanced features
I need to invoke.

Thanks,

Paul





================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- Re: [FW1] Re: ICMP
  - From: "Volker Tanger" <[email protected]>

Prev by Date: [FW1] Reporting Module
Next by Date: [FW1] Re: FIREWALL - ICMP
Previous by thread: [FW1] MS SQL2000 server registration times out
Next by thread: Re: [FW1] Re: ICMP
Index(es):
- Date
- Thread