NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Broadcasts being accepted on NG FP1



Note that I did say "new workstation" object.. not network object.   :>

hehe...

-Amin

> -----Original Message-----
> From: Padhu [mailto:[email protected]]
> Sent: Monday, March 04, 2002 9:37 AM
> To: [email protected]
> Subject: Re: [FW-1] Broadcasts being accepted on NG FP1
>
>
> Creation of all ones broadcast object atleast in 4.1 comes up
> with errors.
> Doesn't accept it as a valid network object unlike 4.0 . May
> be in Ng its
> working again ?
>
> b. limited broadcast object:  new workstation
> >         set name to: limited_bcast
> >       set ip to: 255.255.255.255  ????????????????
>
>
> ----- Original Message -----
> From: "Amin Tora" <[email protected]>
> To: <[email protected]>
> Sent: Sunday, March 03, 2002 11:01 PM
> Subject: Re: [FW-1] Broadcasts being accepted on NG FP1
>
>
> > This is the Compaq web based Management Insight Manager for
> servers...
> they
> > advertise via broadcast... your rulebase should be
> configured properly to
> > drop these types of packets.
> >
> > Now... if you have your objects and rules set up properly,
> as you say you
> > do, your rules should already drop these types of packets.
> But if you
> have
> > to, you could do something like this:
> >
> > a. make a new tcp protocol:
> >
> >         set name to: compaq_mgmt
> >         set dest port to: 2301
> >
> > b. limited broadcast object:  new workstation
> >         set name to: limited_bcast
> >       set ip to: 255.255.255.255
> >
> >
> > Rule:
> >
> > internal_net    limited_bcast   compaq_mgmt             DROP
> > LOG/don't log? (up to you)
> >
> >
> > Also, I would turn of the Compaq web based management if
> you aren't using
> > it.
> >
> > -Amin
> >
> >
> > > -----Original Message-----
> > > From: [email protected] [mailto:[email protected]]
> > > Sent: Friday, March 01, 2002 3:37 PM
> > > To: [email protected]
> > > Subject: [FW-1] Broadcasts being accepted on NG FP1
> > >
> > >
> > > I have installed NG-FP1 on a couple of new systems - all went
> > > very well
> > > apart from the default Citrix service being wrong :-(
> > > but I have some odd log entries...
> > >
> > > n  1Mar2002  19:25:38  VPN-1 & FireWall-1  qfe2  firewall-6
> > > log  accept
> > > 2301  system10  255.255.255.255  10
> > > n  1Mar2002  19:25:56  VPN-1 & FireWall-1  qfe2  firewall-6
> > > log  accept
> > > 2301  system8  255.255.255.255  10
> > > n  1Mar2002  19:27:38  VPN-1 & FireWall-1  qfe2  firewall-6
> > > log  accept
> > > 2301  system12  255.255.255.255  10
> > > n  1Mar2002  19:29:04  VPN-1 & FireWall-1  qfe2  firewall-6
> > > log  accept
> > > sunrpc  system23  10.120.255.255  10   rpc_prog 390109
> > > n  1Mar2002  19:34:12  VPN-1 & FireWall-1  qfe2  firewall-6
> > > log  accept
> > > 7938  system12  10.120.255.255  10
> > > n  1Mar2002  20:21:38  VPN-1 & FireWall-1  qfe2  firewall-6
> > > log  accept
> > > 2301  system25  255.255.255.255  11
> > > n  1Mar2002  20:21:56  VPN-1 & FireWall-1  qfe2  firewall-6
> > > log  accept
> > > 2301  system8  255.255.255.255  11
> > >
> > > Can anyone tell me what these are. I have 'Broardcast
> address' = 'not
> > > included' on all my networks.
> > > Regards
> > > Paul
> > > --------------------------------------------------------------
> > > ------------------------------
> > >
> > > IHS Energy Group, Englewood, CO.
> > >
> > > =================================================
> > > To set vacation, Out Of Office, or away messages,
> > > send an email to [email protected]
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > > =================================================
> > > To unsubscribe from this mailing list,
> > > please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > > =================================================
> > > If you have any questions on how to change your
> > > subscription options, email
> > > [email protected]
> > > =================================================
> > >
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
>
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.