
Re: [FW-1] Open ports



OK, but...for all I know, implicit rules do not allow control connections
such as tcp/21 or tcp/80, and Irfan says he has removed all implicit
rules...

The main issue here is if Irfan claims to get open ports on the internet
side of the firewall he could try what I've just said before.

It is rather strange that the rules, if they are set just like he said,
make this happen, and maybe Irfan is missing something here, like
Security Server configurations for instance.

There might be another issue that I once saw in phoneboy, which is
that part of "match for any" in services configuration, but then again
this type of match, as far as CheckPoint says, is only checked in a
source->destination->any->accept so who knows.

I'm only suggesting that maybe he forgot something and the best choice
would be the stealth rule for the firewall module.

Best regards,

CS


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]] On Behalf Of Cheth
Sent: Sunday, 17 November 2002 9:53
To: [email protected]
Subject: Re: [FW-1] Open ports


Sure....but that wasn't Irfan's point. His point was that the firewall
rule should be dropping the traffic, but isn't.

Regards,

C.


----- Original Message -----
From: "<Aaron Reynolds>" <[email protected]>
To: <[email protected]>
Sent: Friday, November 15, 2002 5:00 PM
Subject: Re: [FW-1] Open ports


> You need to go into voyager and turn the stuff off.  The firewall can
> have services listening, which will then be blocked by the rulebase.
> It is best to turn them off in voyager, so you don't accidentally open
> something up.
>
> -Aaron
>
> -----Original Message-----
> From: Carlos Santos [mailto:[email protected]]
> Sent: Friday, November 15, 2002 8:51 AM
> To: [email protected]
> Subject: Re: [FW-1] Open ports
> Importance: High
>
>
> It's rather strange you have that, but then again, never worked with a
> Nokia equip so why don't you try a more direct approach like
>
> Any -> FW-Module -> Any -> Drop -> Log
>
> Hope it helps
>
> CS
>
> -----Original Message-----
> From: Mailing list for discussion of Firewall-1
> [mailto:[email protected]] On Behalf Of
> Hasan, Irfan
> Sent: Friday, 15 November 2002 15:15
> To: [email protected]
> Subject: [FW-1] Open ports
>
>
> I'm using Checkpoint NG FP2 on Nokia IP330.
>
> I've only two rules in my firewall
>
> Source                     Destination     Service        Action
>
> LAN (10.1.1.x)       Any                Any             Allow
>
> Any                         Any                Any             Drop
>
> I removed all implied rules.
>
> But when I scan my firewall's Internet connection from the Internet,
>
> I found ports 21, 80 and 389 are open.
>
> How do I close all these open ports?
>
> Hope someone can give me a clue. Thanks... Irfan
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
>
> _____________________________________________________________________
>                       INTERNET MAIL FOOTER
> Privileged or confidential information may be contained in this
> message. If you are not the addressee indicated in this message, you
> may not copy or deliver this message to anyone. In such case, you
> should destroy this message and kindly notify the sender by reply
> email.
> ---------------------------------------------------------------------