I am just posting the answer from other folks who just contributed earlier:
Hi to all....
Why don't u use CP FW' s security server? (Checking with resource...)
For example, if Code Red is the case,
Why don't u put a rule above all the http-related rules such as;
Source Dest. Service Action
Any Any http->with resource Drop
And the http->with resource service will be defined as a New Resource ----
URI;
URI:
Connection Methods:Transparent, Proxy (perhaps not so nec. but doesn't give
any headache at least...)
Schemes: http (only this will be enough..)
Methods: all (so as to guarantee...)
Host:*
Path:{*/default.ida?*}
Query:*
Save everythg, and install....
It should be noted that since mostly *.ida is useless, this rule presumably
shouldn't harm any Web-Server-based applications...
**********************************
Roman Zeltser,
@National Computer Center,
RSIS & DNE
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Monday, August 06, 2001 12:36 PM
To: [EMAIL PROTECTED]
Subject: [FW1] Filtering HTTP
We would like to block HTTP traffic using FW-1 destined for pages called
"default.ida" on our web servers. Is there a way to do this using FW-1?
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
