[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Nimda rule rejects disinfected clients ???
If it's the bug I'm thinking of, the FW URI rules choke on URL's with the @ sign in them. Easiest way around this is just to make sure your hosts are clean (be a good neighbor!) and then remove the outbound URI rule (unless your users are hosting webs servers!) If your net is clean, you are really only concerned with incoming bad stuff - so just block inbound. You users are making outbound requests for websites so they will be unaffected. This should resolve your problem while affording you some protection from NIMDA, CodeRed, etc. Your rule is just: any MyNet Bad-HTTP Drop (or log) mynet any HTTP accept(or accounting if you track this stuff) HTH, Joe >>> Sam Denton <[email protected]> 12/03/01 11:04AM >>> The same thing happened to me. I got in contact with Checkpoint. They say it is a known bug and there is nothing they can do about it. There are no plans to 'fix' the error either. Its a pain I know but we all have to live with it. I recommend removing the rule and not adding any uri resources this seams to stop it happening. Thanx Sam -----Original Message----- From: Sero Sero [mailto:[email protected]] Sent: Monday, December 03, 2001 3:30 PM To: [email protected] Subject: [FW-1] Nimda rule rejects disinfected clients ??? Hi, When i enable the Nimda rule , some of my Web connections rejected from firewall but this situation isnt stable, sometimes occurs, sometimes NOT. I check my machine but there is no Nimda.. Is there anybody who did see this error ? Thankz.. -- _______________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup 1 cent a minute calls anywhere in the U.S.! http://www.getpennytalk.com/cgi-bin/adforward.cgi?p_key=RG9853KJ&url=http:// www.getpennytalk.com =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|