[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Re:
Paul, put next rule before last rule (or rule "any-any-any-drop"): any any icmp-services drop where icmp-services is a group created by you including all icmp protocol services. Also, you have to uncheck the property "Accept ICMP" in the "Policy-->Properties Setup-->Security Policy" menu. Regards, Josué. "Paul Cunningham" <[email protected]>@lists.us.checkpoint.com con fecha 15/08/2001 21:52:20 Enviado por: [email protected] De "Paul Cunningham" <[email protected]> @lists.us.checkpoint.com --------+ -----------------------------------------------------+ A --------+ -----------------------------------------------------+ Copias a --------+ -----------------------------------------------------+ CCI --------+ -----------------------------------------------------+ Fecha 15/08/2001 21:52 --------+ -----------------------------------------------------+ Tema --------+ -----------------------------------------------------+ Hello all, I am a newbie with this software and have been thrust into a situation that requires me to write a rule for my firewall denying all ICMP traffic. Our regular administrator is unreachable and we have no tech support. I need to lock this down to stop a "Smurf" attack on my network. If anyone might be kind enough to lend me a hand I would appreciate it. I'm sure it's easy for people who are well versed in the software, but I am looking at it for the first time today! I'm sure that rule may already be in place, but need to verify that. I figured out the basics on how to create the rule, but I'm not sure where the objects should be placed and what, if any, advanced features I need to invoke. Thanks, Paul _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|