I have done this and it seems to work great. We have only a few IIS servers
which are all patched, but one runs citrix and the codered seems to screw it
all the time.
One question I have is on how secure these URI resources are. From my
understand (which is not too comprehensive) the URI filter is designed to be
used from the internal network to the internet (keep the users from looking
at porn, etc). Now that I have the checkpoints looking at all the Incoming
HTTP requests to my IIS servers, have I increased my risk to DoS's or other
compromises?
thanks
Joe
>You can create a URI resource and match the string.
>
>George
>
> -----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]
>Sent: Monday, August 06, 2001 9:36 AM
>To: [EMAIL PROTECTED]
>Subject: [FW1] Filtering HTTP
>
>
>We would like to block HTTP traffic using FW-1 destined for pages called
>"default.ida" on our web servers. Is there a way to do this using FW-1?
>
>
>
>
>============================================================================
>====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>============================================================================
>====
>
>
>_____________________________________________________________________
>IMPORTANT NOTICES:
> This message is intended only for the addressee. Please notify
>the
>sender by e-mail if you are not the intended recipient. If you are not the
>intended recipient, you may not copy, disclose, or distribute this message
>or its contents to any other person and any such actions may be unlawful.
>
> Banc of America Securities LLC("BAS") does not accept time
>sensitive, action-oriented messages or transaction orders, including orders
>to purchase or sell securities, via e-mail.
>
> BAS reserves the right to monitor and review the content of all
>messages sent to or from this e-mail address. Messages sent to or from this
>e-mail address may be stored on the BAS e-mail system.
>
>
>
>
>================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>================================================================================
>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
