Re: [FW-1] Open ports

["Nall, Robert" <rnall@FW1-NOSPAMCO.RILEY.KS.US>]

Title: RE: [FW-1] Open ports

80 - voyager web interface
21 - ftp service on the nokia IP330
389 - ldap

Create a node or something that will allow access to it so you can manage it. Else you will blocked out of your own firewall...

Authorized Node/FW <-> FW/Authorized Node <-> any <-> accept <-> log

This will take care of anyone attempting to connect to them.
Any <-> FW-Module <-> Any <-> Drop <-> Log

In that order or you will be blocked before you can gain access...

Robert Nall

-----Original Message-----
From: Hasan, Irfan [mailto:irfan.hasan@T-SYSTEMS.COM.SG]
Sent: Friday, November 15, 2002 9:15 AM
To: FW-1-MAILINGLIST@beethoven.us.checkpoint.com
Subject: [FW-1] Open ports

I'm using Checkpoint NG FP2 on Nokia IP330.

I've only two rules in my firewall

Source                     Destination     Service        Action

LAN (10.1.1.x)       Any                Any             Allow

Any                         Any                Any             Drop

I removed all implied rules.

But when I scan my firewall Internet connection from Internet,

 I found Port 21, 80 and 389 are open.

How do close all these open ports ??

Hope someone give me a clue. Thks... Irfan

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail =================================================
To unsubscribe from this mailing list,
please see the instructions at http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com =================================================