NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] AW: [FW-1] NG: ftp reject: reason tried to open tcp service port, port XYZ



could you please be more precise please .

Schaar, Norbert wrote:

Of course, there is a way to change this behaviour even under NG but it will
disable the port check functionality of all ftp data connections, don't know
if this is really what you want. However, Check Point is suggesting not to
do base.def changes in NG anymore but to call the technical Service instead.
This should be the path to go, I think and, therefore, you didnÄt find any
hint.
Well, the way FW-1 does this "dangerous port check"  was seriously changed
with NG FP2. The appropriate function definitions consists of new kernel
function calls and when you change the wrong part, you will loose ALL ftp
data connectivity...
If you don't be afraid about that, go to the FTP macro definition part in
base.def, find the NOTSERVER_TCP_PORT function (should be there two times)
and replace the segment register there with a port number of you choice that
will never be used as a service. This will do the trick but, again, I would
stay away from that for support and security reasons.

-----Ursprüngliche Nachricht-----
Von: egonle [mailto:[email protected]]
Gesendet: Montag, 13. Mai 2002 09:14
An: [email protected]
Betreff: [FW-1] NG: ftp reject: reason tried to open tcp service port, port
XYZ


Hi,


after upgrading our NG management server, v4.1SP5 modules reject different
ftp session with the following info message:
reason: tried to open tcp service port, port XYZ

There's a secureknowledge document regarding this issue for the v4.1
management server however I didn't find any hint how to change this
behaviour for NG. Anyone else?

Regards,
Egonle.

__________________________________________________________________
Nur bei Netscape: Ihr KOSTENLOSER Netscape WebMail-Account und der Instant
Messenger unter http://www.netscape.de

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.