BOOK: Essential Check Point Firewall-1^(TM): An Installation,Configuration, and Troubleshooting Guide (fwd)

2001-09-15 Thread Jose Nazario 


looks to be of interest to many of you. lots of FW-1 questions here, so ..
thought i would pass it along.


jose nazario [EMAIL PROTECTED]
 PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
   PGP key ID 0xFD37F4E5 (pgp.mit.edu)

-- Forwarded message --
Date: Sat, 15 Sep 2001 15:03:16 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: BOOK: Essential Check Point Firewall-1^(TM): An Installation,
 Configuration, and Troubleshooting Guide

Essential Check Point Firewall-1^(TM): An Installation, Configuration, and
Troubleshooting Guide
Dameon D. Welch-Abernathy

Publisher: Addison Wesley
Copyright: 2002
Format: Paper, 544 pp
ISBN: 0-201-69950-8
Status: Coming 10/19/2001
Retail Price: $44.99 US

http://www.aw.com/product/0,2627,0201699508,00.html

-- 
Elias Levy
SecurityFocus
http://www.securityfocus.com/
Si vis pacem, para bellum

___
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

RE: [FW-1] Check Point Firewall-1 Log analysis

2001-07-12 Thread Butler, Ken 

Try
www.phoneboy.com
(good explanations of ICMP drops and reason: unknown established TCP
packet in the FAQs)

http://www.robertgraham.com/pubs/firewall-seen.html 
General explanation of reading logs


http://www.enteract.com/~lspitz/logger.html 
Lance Spitzner has some interesting methods for manipulating the logs

Ken Butler, Mgr. Network Services
Liberty Bank
Voice   (860) 638-2951
Fax (860)343-7468


-Original Message-
From: Geoffrey Cheng [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 13, 2001 12:04 PM
To: [EMAIL PROTECTED]
Subject: [FW-1] Check Point Firewall-1 Log analysis


Hi all,


Currently I am working on a project that requires me to look into details
of the log generated from FW-1, is there any useful document or guideline
which could explain most of the error/block/reject messages displayed
in the last column of the log view?


Thanks,
Geoffrey 
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
unsubscribe firewalls in the body of the message.]



The information transmitted is intended only for the person 
or entity to which it is addressed and may contain confidential  
and/or privileged material. If you are not the intended  
recipient of this message you are hereby notified that any use,  
review, retransmission, dissemination, distribution, reproduction  
or any action taken in reliance upon this message is prohibited.  
If you received this in error, please contact the sender and  
delete the material from any computer.  Any views expressed 
in this message are those of the individual sender and may  
not necessarily reflect the views of the company.   

___
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

[FW-1] Check Point Firewall-1 Log analysis

2001-06-13 Thread Geoffrey Cheng 

Hi all,


Currently I am working on a project that requires me to look into details
of the log generated from FW-1, is there any useful document or guideline
which could explain most of the error/block/reject messages displayed
in the last column of the log view?


Thanks,
Geoffrey 
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
unsubscribe firewalls in the body of the message.]

RE: Check Point Firewall-1

1999-03-24 Thread Markus Döhr 

 Is Check Point Firewall-1 good enough to pay 5000$ for 50 
 nodes ??? Is there
 any cheaper and good firewall for good security?

That strongly depends on the OS you use. IMHO I'D _NEVER_ put security related
stuff on an NT platform, I'd like to really _KNOW_ what's goin' on with the
packets routed through. There are several other packets availabe for NT (Raptor
Eagle, Gauntlet etc.) I have no experience in.

We're using Linux with packet filtering, TIS and IP logging; works fine, it's
cheap (0.00) fast an reliable.

We have about 120 nodes inside here getting partially masqueraded and/or going
out through squid object cache proxy server... and all this on a P166. 

If you don't want to put everything together on your own, there's a commercial
version available too: http://www.linux-firewall.de. Don't know the price but
it's worth the look at.


--
Markus Doehr 
IT Admin
AUBI Baubeschläge GmbH  
Tel.: +49 6503 917 152  
Fax : +49 6503 917 190  
e-Mail: [EMAIL PROTECTED]
MD1139-RIPE  
*   
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Re: Check Point Firewall-1

1999-03-24 Thread czarcone 

Mehmet,

"Good enough" is a subjective statement. The answer depends of the mission
of your organization, and what it stands to lose should your systems become
compromised. Is your 50-node organization doing market research on thumb
tacks, or is it doing research on quantum computing? One is worth $5000 for
security, the other is probably not.

If cost is your bottom line, you could build a perfectly serviceable
firewall with Linux (total cost: $0, maybe $50 if you buy a bundled
distribution like Red Hat or Caldera). This will give you basic packet
filtering, not to mention more services (SMTP relay, web server, DNS, etc.)
than you'll know what to do with.

If you want more robust firewalling, you could add the legacy Firewall
Toolkit (total cost: $0) which will give you application-level firewall
proxies. You can add in hacks for transparency and patches for extra
proxies as you wish. And there is still more freeware for everything else
you might want out of a firewall, from log analysis to realtime performance
monitoring to penetration testing to intrusion detection/response.

IMHO you can build a rock-solid firewall with a high degree of trust, for
almost no money *in software licensing*. The real cost for such a firewall
would be the cost of building and supporting it yourself. You (or another
staff person in your organization) would have to be proficient in general
firewalling principles, UNIX, C and C compilation, ipfwadm and FWTK at the
very least. If you don't have that expertise, you will have to buy it in
the form of additional staff...

Regards,

Chris

Christopher Zarcone
Network Security Consultant
RPM Consulting, Inc.
[EMAIL PROTECTED]
#include std.disclaimer.h  /* My opinions do not necessarily
reflect the opinions of my employer */

Date: Tue, 23 Mar 1999 09:22:58 +0200
From: "Mehmet Sokmen" [EMAIL PROTECTED]
Subject: Check Point Firewall-1

Hi,

Is Check Point Firewall-1 good enough to pay 5000$ for 50 nodes ??? Is
there
any cheaper and good firewall for good security?

boy

- -
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]


-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

RE: Check Point Firewall-1

1999-03-24 Thread Bill Hinton 

Hi,

Is Check Point Firewall-1 good enough to pay 5000$ for 50 nodes ??? Is there
any cheaper and good firewall for good security?

boy


Try WatchGuard (http://www.watchguard.com), it's a good, inexpensive firewall solution 
for small to medium sized networks.

 
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Re: Check Point Firewall-1

1999-03-24 Thread Bill Hinton 

Hi,

Is Check Point Firewall-1 good enough to pay 5000$ for 50 nodes ??? Is there
any cheaper and good firewall for good security?

boy


Try WatchGuard (http://www.watchguard.com), it's a good, inexpensive firewall solution 
for small to medium sized networks.

 

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]