Re: [FW-1] Secure client verification to DNS servers with 'large pings' (Office mode)

Wed, 12 Apr 2006 11:04:37 -0700 

Hi Mark,
That's a SmartDefense setting, not a ping-of-death thing. Ping-of-death protected against ping packets greater than 65K. Inside SD, you can set the maximum ping size you will accept. I think Windows uses 64 bytes, Cisco uses 100 bytes, etc. 


Check your SD setting for the maximum ping size and up it as necessary. I 
think R55 uses 64 bytes, but I see my Connectra box uses 1500 bytes for the 
SD default.


Ray



From: Mark Elsen <[EMAIL PROTECTED]>

Reply-To: Mailing list for discussion of Firewall-1              
<[email protected]>

To: [email protected]

Subject: [FW-1] Secure client verification to DNS servers with 'large 
pings' (Office mode)

Date: Wed, 12 Apr 2006 12:33:23 +0200

(NGX - HFA_02)

Hi,

Secure Client when vpn connected in Office mode, verifies, apparently
connectivity to available DNS servers, wih ping requests.

These ping requests are dropped in my case, because of SmartDefense
settings concerning ping-of-death attacks.
Verifying records in SmartView Tracker confirms this ; from
Record Details,  I get :

    - Attack name         : Large ping
    - Attack information : Echo request too long.

The source IP belongs the allocated range for Office mode VPN
connections...

Why can't Secure-Client use normal ping sizes ?

M.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================














    











					Reply via email to