Re: [FW-1] Broadcasts being accepted on NG FP1
Creation of all ones broadcast object at least in 4.1 comes up with errors. Doesn't accept it as a valid network object unlike 4.0. Maybe in NG it's working again?

b. limited broadcast object: new workstation
> set name to: limited_bcast
> set ip to: 255.255.255.255
????????????????

----- Original Message -----
From: "Amin Tora" <[email protected]>
To: <[email protected]>
Sent: Sunday, March 03, 2002 11:01 PM
Subject: Re: [FW-1] Broadcasts being accepted on NG FP1

> This is the Compaq web based Management Insight Manager for servers... they
> advertise via broadcast... your rulebase should be configured properly to
> drop these types of packets.
>
> Now... if you have your objects and rules set up properly, as you say you
> do, your rules should already drop these types of packets. But if you have
> to, you could do something like this:
>
> a. make a new tcp protocol:
>
> set name to: compaq_mgmt
> set dest port to: 2301
>
> b. limited broadcast object: new workstation
> set name to: limited_bcast
> set ip to: 255.255.255.255
>
>
> Rule:
>
> internal_net limited_bcast compaq_mgmt DROP LOG/don't log? (up to you)
>
>
> Also, I would turn off the Compaq web based management if you aren't using
> it.
>
> -Amin
>
> > -----Original Message-----
> > From: [email protected] [mailto:[email protected]]
> > Sent: Friday, March 01, 2002 3:37 PM
> > To: [email protected]
> > Subject: [FW-1] Broadcasts being accepted on NG FP1
> >
> >
> > I have installed NG-FP1 on a couple of new systems - all went very well
> > apart from the default Citrix service being wrong :-(
> > but I have some odd log entries...
> >
> > n 1Mar2002 19:25:38 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 2301 system10 255.255.255.255 10
> > n 1Mar2002 19:25:56 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 2301 system8 255.255.255.255 10
> > n 1Mar2002 19:27:38 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 2301 system12 255.255.255.255 10
> > n 1Mar2002 19:29:04 VPN-1 & FireWall-1 qfe2 firewall-6 log accept sunrpc system23 10.120.255.255 10 rpc_prog 390109
> > n 1Mar2002 19:34:12 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 7938 system12 10.120.255.255 10
> > n 1Mar2002 20:21:38 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 2301 system25 255.255.255.255 11
> > n 1Mar2002 20:21:56 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 2301 system8 255.255.255.255 11
> >
> > Can anyone tell me what these are. I have 'Broadcast address' = 'not
> > included' on all my networks.
> > Regards
> > Paul
> > --------------------------------------------------------------
> >
> > IHS Energy Group, Englewood, CO.
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
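
Added example, not part of the original thread: a Python check that scans log lines in the format posted above and reports accepted packets whose destination is the limited broadcast address or the directed broadcast of a known network. The column order after `log` (action, service, source, destination), the 10.120.0.0/16 prefix, and the final unicast sample line are assumptions made for this example.

```python
import ipaddress
import re

# First three lines are from the post above (wrapped lines joined);
# the last line is a constructed unicast control case.
SAMPLE_LOG = """\
n 1Mar2002 19:25:38 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 2301 system10 255.255.255.255 10
n 1Mar2002 19:29:04 VPN-1 & FireWall-1 qfe2 firewall-6 log accept sunrpc system23 10.120.255.255 10 rpc_prog 390109
n 1Mar2002 19:34:12 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 7938 system12 10.120.255.255 10
n 1Mar2002 20:30:00 VPN-1 & FireWall-1 qfe2 firewall-6 log accept 2301 system8 10.120.4.7 11
"""

# Assumed column order after "log": action, service, source, destination.
LINE_RE = re.compile(
    r"^\S+\s+(?P<date>\S+)\s+(?P<time>\S+)\s+.*?\blog\s+(?P<action>\w+)\s+"
    r"(?P<service>\S+)\s+(?P<src>\S+)\s+(?P<dst>\d{1,3}(?:\.\d{1,3}){3})\b"
)
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def broadcast_kind(dst, networks):
    """Return 'limited', 'directed', or None for a destination address."""
    addr = ipaddress.ip_address(dst)
    if addr == LIMITED_BROADCAST:
        return "limited"
    if any(addr == net.broadcast_address for net in networks):
        return "directed"
    return None


def accepted_broadcasts(log_text, networks):
    """List (time, src, service, dst, kind) for accepted broadcast packets."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["action"] != "accept":
            continue
        try:
            kind = broadcast_kind(m["dst"], networks)
        except ValueError:  # destination column was not a valid IPv4 address
            continue
        if kind:
            hits.append((m["time"], m["src"], m["service"], m["dst"], kind))
    return hits


if __name__ == "__main__":
    nets = [ipaddress.ip_network("10.120.0.0/16")]  # assumed prefix, not stated in the thread
    print(*accepted_broadcasts(SAMPLE_LOG, nets), sep="\n")
```

Directed broadcasts are only recognised for the prefixes passed in, so the network list has to match the netmasks actually configured on the firewall's network objects.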