Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] SmartDefense

To: [email protected]
Subject: Re: [FW-1] SmartDefense
From: sabat <[email protected]>
Date: Fri, 31 Jan 2003 22:58:06 -0800
In-reply-to: <[email protected]>
References: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3b) Gecko/20030117

egonle wrote:

Click on SmartDefense and setup a larger packet size for ICMP packets.


Uhhhh -- where would that be, this SmartDefense button/window/whatever?
I've looked all over the new (NG) GUI. I admit I'm new to it and
probably just overlooked it, but they sure hid it well. CP
documentation, as usual, yielded nothing.

I had the same over-reactive icmp too long msg from a ping generated by
a cisco router. The solution there was just to tell it to reduce the
size of the ping packet. But the best would be to increase the allowed
size, if possible.

-Steve

Mark Quigley <[email protected]> wrote:

Do you have "Accept ICMP Requests" selected in Global Properties?  Also,
SmartDefense and Global Property rules take affect no matter what you
define in your rulebase (for the most part).  Have you tested a manual
ping from the monitoring server?

Thanks,
Mark

--------------------------------------------------------
Mark E. Quigley
Network Administrator
Board for State Academic Awards
55 Paul Manafort Dr
New Britain CT 06053fax
http://www.charteroak.edu
[email protected]


-----Original Message-----
From: Brad Pinkston [mailto:[email protected]]
Sent: Thursday, January 23, 2003 4:45 PM
To: [email protected]
Subject: [FW-1] SmartDefense


We have a monitoring server which sends icmp packets to our firewall to
monitor our serial interface.  SmartDefense sees these as in ICMP
attack.

Attack Info: Echo request too long
icmp-type: 8
icmp-code: 0

Even after specifically declaring access SmartDefense still isn't smart
enough to realize this.  How can I solve this problem.

Also, what all services aren't included in any by default? Is icmp?


Brad Pinkston
Centenary College of LA
Firewall/Network Administrator
IT [email protected]

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


__________________________________________________________________
The NEW Netscape 7.0 browser is now available. Upgrade now! http://channels.netscape.com/ns/browsers/download.jsp

Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Next by Date: Re: [FW-1] AW: [FW-1] SMTP Rule - 4.1 and NG FP3
Next by thread: Re: [FW-1] AW: [FW-1] SMTP Rule - 4.1 and NG FP3
Index(es):
- Date
- Thread