On Tue, Jun 29, 2004 at 01:46:30PM -0700, Eric Paynter wrote: > On Tue, June 29, 2004 11:59 am, James Patterson Wicks said: > > CheckPoint's interface is very intuitive and easy to use. > Easy to use in a "Microsoft" kind of way. Last I heard, it does nice > things for you like always allow DNS traffic through, even if you have no > port 53 rule and a deny all policy. How helpful!
Sounds like somebody needs to learn how to run FW-1. There's several "implied" rules which are set from Global Properties, and are only displayed/logged if you specity to display/log implied rules. John _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
