Re: [FW1] Fw: ip conflict and firewall crash
1) At my work, we go so far as to change the extension on the network properties applet. Granted, this only works for Windows machines, but renaming netcfg.dll in the system32 directory to netcfg.zap or whatever. Now they'll have to actually hack the registry to change anything network-setting-wise.

2) Presumably there's a router somewhere in your internal network before it gets to the firewall. If so, just set up an ACL on the link outbound to the firewall that kills spoofing. In other words, allow traffic from all valid internal networks, and deny everything else. I've got this running on my Cisco 6509 core switch at work. If an internal box doesn't have an internal IP address, the traffic goes nowhere.

--------------------------
From: Cepeda, Josh <[email protected]>

You need to make sure that your employees are all on DHCP and exclude all your firewall static IP addresses from the IP pool. You also need to get stricter on allowing your employees to make changes to their PCs that should be left to the IT Dept. You might consider not giving them administrative access or setting a policy to restrict changes to their system. There is nothing you can do on the firewall or OS that can protect you from IP conflicts.

-----Original Message-----
From: Manish [mailto:[email protected]]
Sent: Sunday, May 20, 2001 12:28 PM
To: [email protected]
Subject: [FW1] Fw: ip conflict and firewall crash

Dear friend,

I am facing a problem in my setup. I have attached the diagram of my setup. As shown in the diagram, I have many zones which are protected by the firewall. The firewall is Checkpoint FW-1 ver 4.1 SP2; I have my firewall operational on Solaris 6. Zone B has webservers and FTP servers which are being accessed from the internet. Zone C is the zone where we have the employees' PCs.

Yesterday, one of our employees changed his PC's IP to the IP of the firewall. He allotted to his PC the IP of the firewall's Zone C arm. Even after the machine detected the IP clash, the employee accepted the warning and continued with the change of IP; thus he allotted the IP of the firewall's Zone C arm. After this my firewall crashed. I mean to say that the firewall was not accepting any connection from anywhere. The firewall was not accepting any connection whether it originated from / ended at Zone A or Zone B or the internet (our webserver and FTP server were not accessible from the internet). After this I disconnected the employee's PC and restarted the firewall. Now the firewall is working fine, but I am worried if I face this again.

How can I prevent this happening again? Do I need to do something on the OS configuration of the firewall machine or alter some firewall settings? Please guide me. Please feel free to contact me.

Thanks in advance,
regards,
shameek

================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
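Point 2 of the first reply above (an anti-spoofing ACL on the internal router, on the link toward the firewall) in concrete form. This is an added illustration, not configuration posted by anyone in the thread, and it assumes Cisco IOS syntax and hypothetical addressing: 10.10.0.0/16 as the range covering all valid internal networks, 10.10.0.1 as the firewall's internal (Zone C) arm, and GigabitEthernet1/1 as the switch port facing the firewall. It goes slightly beyond the reply by also dropping packets whose source address is the firewall's own, which is exactly the address the employee in the original post picked.

```cisco
! Added example (assumed IOS syntax and made-up addresses, not from the thread).
!   valid internal networks  : 10.10.0.0/16
!   firewall internal arm    : 10.10.0.1
!   port toward the firewall : GigabitEthernet1/1
!
ip access-list extended TO-FIREWALL-ANTISPOOF
 remark No host behind the switch may source packets as the firewall itself
 deny   ip host 10.10.0.1 any log
 remark Only addresses from the valid internal networks may pass
 permit ip 10.10.0.0 0.0.255.255 any
 remark Anything else is spoofed or misconfigured: drop it and log a hit
 deny   ip any any log
!
interface GigabitEthernet1/1
 description Link to Check Point FW-1, internal side
 ip access-group TO-FIREWALL-ANTISPOOF out
!
! Check hit counters with:  show ip access-lists TO-FIREWALL-ANTISPOOF
! Hits on the two deny lines point at hosts with bogus addresses.
```

The ACL is applied outbound on the port toward the firewall, so a PC that has been given a non-internal address, or the firewall's address, sends traffic nowhere and leaves a logged hit that identifies it. Note the limit of this control: it only acts on packets that cross the switch. If user PCs sit on the same segment as the firewall's Zone C arm, as the original post suggests (the PC itself detected the IP clash), the conflict happens at the ARP level before any router sees a packet, and the DHCP reservation and restricted-administrator measures in the second reply are the controls that apply.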