[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Policies
Hi all again... I have tried different options to block "nimda style" http and smtp incoming requests... I am using a Nokia IP330 firewall running CP FW-1 Resources for SMTP block, reject (why???) all incoming SMTP connections... to be clear: ANY --> mailserver --> smtp_resource --> drop (drops everything) ANY --> mailserver --> smtp_resource --> accept (drops nothing) These are not allowed by the policy manager... ANY --> mailserver --> NOT smtp_resource --> drop ANY --> mailserver --> NOT smtp_resource --> accept Resources for HTTP do not block anything if I do not use the any to any rule... Explaining in better details: any --> any --> HTTP_Resource --> DROP (drops everything) in effect I see NO gets for admin.dll and the like... But it blocks incoming requests for my webmail service too, and I need it for my remote workers! What is strange is that outlook webmail has no components using the {*cmd.exe, *root.exe, *admin.dll, *readme.exe, default.ida} stuff... any --> "my lan" --> HTTP_Resource --> DROP (seems to drop nothing) NOT "my lan" --> "my lan" --> HTTP_Resource ---> DROP (seems to drop nothing) In effect looking at the IIS logfiles i see incoming "nimda style" gets. Do I definitely need to configure the Security Servers options ? CVP Server ? Someone have details about ? Just because I do not want to go crazy doing hotfixes on the servers (have plenty to care) everyday :) Tnx in advance to all. ciao Daniele ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|