Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] AW: [FW-1] security hole isakmp

To: [email protected]
Subject: [FW-1] AW: [FW-1] security hole isakmp
From: Jochen Vogel <[email protected]>
Date: Fri, 3 May 2002 09:58:05 +0200
Comments: cc: Holger Heimann <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

i take a tcpdump on the scanner and found out the following
i take a tcpdump on the scanner and found out the following

nmap didn´t found the port

09:33:26.858000 scanner.57345 > firewall.isakmp: udp 0
09:33:26.876045 firewall > scanner: icmp: firewall udp port isakmp
unreachable

----------------------------------------------------------------------------
-

nessus found the hole at checkpoint

.............
09:35:49.411438 scanner.isakmp > firewall.isakmp: udp 379
09:35:49.422596 scanner.isakmp > firewall.isakmp: udp 379
09:35:49.423850 firewall > scanner: icmp: firewall udp port isakmp
unreachable
09:35:49.431030 firewall > scanner: icmp: firewall udp port isakmp
unreachable
09:35:49.434197 scanner.isakmp > firewall.isakmp: udp 379
09:35:49.441981 firewall > scanner: icmp: firewall udp port isakmp
unreachable
09:35:49.445098 scanner.isakmp > firewall.isakmp: udp 379
09:35:49.453705 firewall > scanner: icmp: firewall udp port isakmp
unreachable
09:35:49.456342 scanner.isakmp > firewall.isakmp: udp 379
09:35:49.465671 firewall > scanner: icmp: firewall udp port isakmp
unreachable
09:35:49.467281 scanner.isakmp > firewall.isakmp: udp 379
09:35:49.470999 scanner.vlsi-lm > firewall.isakmp: udp 0
09:35:49.475742 firewall > scanner: icmp: firewall udp port isakmp
unreachable
09:35:49.487013 firewall > scanner: icmp: firewall udp port isakmp
unreachable

----------------------------------------------------------------------------
----

nessus didn´t found the hole at iptables

............
09:55:14.473392 195.245.49.114.isakmp > 80.136.252.200.isakmp: udp 379
09:55:14.483702 195.245.49.114.isakmp > 80.136.252.200.isakmp: udp 379
09:55:14.494238 195.245.49.114.isakmp > 80.136.252.200.isakmp: udp 379
09:55:14.504476 195.245.49.114.isakmp > 80.136.252.200.isakmp: udp 379
09:55:14.515191 195.245.49.114.isakmp > 80.136.252.200.isakmp: udp 379
09:55:14.525449 195.245.49.114.isakmp > 80.136.252.200.isakmp: udp 379
09:55:14.529545 195.245.49.114.vlsi-lm > 80.136.252.200.isakmp: udp 0

----------------------------------------------------------------------------
---

it seem´s that the unreachable packet was the problem

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: [FW-1] AW: [FW-1] security hole isakmp
Next by Date: Re: [FW-1] Latest service pack of FW-1 4.1
Previous by thread: Re: [FW-1] AW: [FW-1] security hole isakmp
Next by thread: [FW-1] messages in CPHA ...
Index(es):
- Date
- Thread