If the auditor was worth his/her salt, being able to come back and state
with a high level of confidence what type of firewall and even the major
version number is always a good finding. ;)
--- Gavin
-----Original Message-----
From: Volker Tanger [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 20, 2001 06:34
To: [EMAIL PROTECTED]
Subject: Re: [FW1] what is port scan ? our IT auditor found hole!! How to close??
Greetings!
Ed Rolison wrote:
> >Hi.. Jesus Calvo and dear all... if this is the case, how to close this two
> >port.. as we don't implement VPN here and I remember that there is no rules
> >for 264, 265 ports. Why it is open?
> I bet you've got an 'allow firewall services' rule right at the top.
In the policy editor do Policy / Properties and there on the "Security Policy"
Tab you will find "Implied Rules" starting near the middle of the window. There
you will find the mentioned (probably checked) "Accept VPN..."
#ifdef flamebait
Just to be nasty: why did your IT security auditor not tell you that you have
the FW1 VPN services enabled (superfluously) - instead of just telling you the
port numbers? Any serious auditor for FW1 should IMHO know what these ports
are...
#endif
Bye
Volker
--
Volker Tanger <[EMAIL PROTECTED]>
Wrangelstr. 100, 10997 Berlin, Germany
DiSCON GmbH - Internet Solutions
http://www.discon.de/
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================