The vulnerability is real a function of your application and not the open
port in the firewall. Firewall-1 can take any external IP address and port
and convert it to any internal address and port you choose. The question:
Have you engineer your application and application security to withstand an
attack?
> -----Original Message-----
> From: Ivan Fox [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, October 20, 1999 9:00 PM
> To: Firewall-Wizards; [EMAIL PROTECTED]
> Subject: vulnerability of non-standard ports
>
> We may need to open a port or two for "home-grown" applications, e.g.
> tcp-1234, tcp-2345, on a Checkpoint Firewall-1 v4.0. Would it cause any
> security concerns? Any comments/suggestions are greatly appreciated.
>
> Thanks,
>
> Ivan.
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
