[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Broadcasts being accepted on NG FP1
Note that I did say "new workstation" object.. not network object. :> hehe... -Amin > -----Original Message----- > From: Padhu [mailto:[email protected]] > Sent: Monday, March 04, 2002 9:37 AM > To: [email protected] > Subject: Re: [FW-1] Broadcasts being accepted on NG FP1 > > > Creation of all ones broadcast object atleast in 4.1 comes up > with errors. > Doesn't accept it as a valid network object unlike 4.0 . May > be in Ng its > working again ? > > b. limited broadcast object: new workstation > > set name to: limited_bcast > > set ip to: 255.255.255.255 ???????????????? > > > ----- Original Message ----- > From: "Amin Tora" <[email protected]> > To: <[email protected]> > Sent: Sunday, March 03, 2002 11:01 PM > Subject: Re: [FW-1] Broadcasts being accepted on NG FP1 > > > > This is the Compaq web based Management Insight Manager for > servers... > they > > advertise via broadcast... your rulebase should be > configured properly to > > drop these types of packets. > > > > Now... if you have your objects and rules set up properly, > as you say you > > do, your rules should already drop these types of packets. > But if you > have > > to, you could do something like this: > > > > a. make a new tcp protocol: > > > > set name to: compaq_mgmt > > set dest port to: 2301 > > > > b. limited broadcast object: new workstation > > set name to: limited_bcast > > set ip to: 255.255.255.255 > > > > > > Rule: > > > > internal_net limited_bcast compaq_mgmt DROP > > LOG/don't log? (up to you) > > > > > > Also, I would turn of the Compaq web based management if > you aren't using > > it. > > > > -Amin > > > > > > > -----Original Message----- > > > From: [email protected] [mailto:[email protected]] > > > Sent: Friday, March 01, 2002 3:37 PM > > > To: [email protected] > > > Subject: [FW-1] Broadcasts being accepted on NG FP1 > > > > > > > > > I have installed NG-FP1 on a couple of new systems - all went > > > very well > > > apart from the default Citrix service being wrong :-( > > > but I have some odd log entries... > > > > > > n 1Mar2002 19:25:38 VPN-1 & FireWall-1 qfe2 firewall-6 > > > log accept > > > 2301 system10 255.255.255.255 10 > > > n 1Mar2002 19:25:56 VPN-1 & FireWall-1 qfe2 firewall-6 > > > log accept > > > 2301 system8 255.255.255.255 10 > > > n 1Mar2002 19:27:38 VPN-1 & FireWall-1 qfe2 firewall-6 > > > log accept > > > 2301 system12 255.255.255.255 10 > > > n 1Mar2002 19:29:04 VPN-1 & FireWall-1 qfe2 firewall-6 > > > log accept > > > sunrpc system23 10.120.255.255 10 rpc_prog 390109 > > > n 1Mar2002 19:34:12 VPN-1 & FireWall-1 qfe2 firewall-6 > > > log accept > > > 7938 system12 10.120.255.255 10 > > > n 1Mar2002 20:21:38 VPN-1 & FireWall-1 qfe2 firewall-6 > > > log accept > > > 2301 system25 255.255.255.255 11 > > > n 1Mar2002 20:21:56 VPN-1 & FireWall-1 qfe2 firewall-6 > > > log accept > > > 2301 system8 255.255.255.255 11 > > > > > > Can anyone tell me what these are. I have 'Broardcast > address' = 'not > > > included' on all my networks. > > > Regards > > > Paul > > > -------------------------------------------------------------- > > > ------------------------------ > > > > > > IHS Energy Group, Englewood, CO. > > > > > > ================================================= > > > To set vacation, Out Of Office, or away messages, > > > send an email to [email protected] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > ================================================= > > > To unsubscribe from this mailing list, > > > please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > ================================================= > > > If you have any questions on how to change your > > > subscription options, email > > > [email protected] > > > ================================================= > > > > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|