NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Do ppl log Deny Any Any?



Something is wrong about that...
Can you send a log entry like the one you described?

You can disable "Log implied rules" at the properties window.
Make sure that your netbios rule isn't logging.
If it is logging netbios at rule 0, is for some other reason (anti-spoofing
maybe).

Rodrigo

-----Mensagem original-----
De: Ed Davidson [mailto:[email protected]]
Enviada: Thursday, November 08, 2001 6:17 PM
Para: 'Mailing list for discussion of Firewall-1'
Cc: 'Rodrigo Borges'
Assunto: RE: [FW-1] Do ppl log Deny Any Any?


I put in such a rule to drop netbios traffic, but since
it gets dropped by RULE 0, it still logs the traffic.

How did you get this to work, so it's not logged?

Thanks!

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of
Rodrigo Borges
Sent: Thursday, November 08, 2001 10:47 AM
To: [email protected]
Subject: Re: [FW-1] Do ppl log Deny Any Any?


You should have a first rule dropping netbios traffic(Any Any NBT Drop),
among others, so that you don't get too much logging.
You should log the "Any Any Deny" rule to see what didn't went through a
valid rule and why it didn't.

Rodrigo Borges



http://www.primeinc.com
**********************************************************************
This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity to
whom they are addressed.  If you have received this email
in error please reply to the sender of the message.

The views expressed in this correspondence may not
reflect the views of Prime, Inc.

This footnote also confirms that this email message has
been scanned for the presence of computer viruses.
***********************************************************************

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.