By default FW-1 will not allow FTP sessions over known service ports. If someone attempts to ftp over port 80 the Firewall will reject it.
You could set up an HTTP security server with transparency and that should stop unwanted telnet sessions.
-----Original Message-----
From: JRay [mailto:[EMAIL PROTECTED]]
Sent: Sunday, May 28, 2000 12:49 AM
To: [EMAIL PROTECTED]
Subject: [FW1] Blocking Telnet / FTP access to port 80
Hi all,
Is there any way in FW-1 Ver 4.0 to block users from telneting or ftp'ing
out on
port 80? Port 80 is enabled for http access, and the users need telnet / ftp
access to our DMZ. However they are also telneting out to boxes their own
outside servers that are listening on port 80. So far FW-1 can't distinguish
between an ftp/telnet session and an http session.
Any suggestions?
Thanks in advance!
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
***********************************************************************
Gruntal & Co., L.L.C.'s e-mail system is for business purposes only.
Messages are not confidential. All e-mail may be reviewed by
authorized supervisors, compliance or internal audit personnel.
E-mail will be archived for at least three years and may be produced
to regulatory agencies or others with a legal right to access such
information. Gruntal will not accept trade order instructions via
e-mail. Please telephone your Account Executive to place trade orders.
Gruntal & Co., L.L.C.
***********************************************************************
