Create a resource "http -> http_screening".  Go to the match tab and
check "http" and "get".  In path, put "*{.pif,.scr,.com,.exe,.bat}" (and
I would include the other extensions from Nimda and code red/blue). 

Implement this in a rule for everything crossing the firewall (maybe
negating the internals, there are issues sometimes if you dont).

HTH

Nick

On Sat, 2001-12-15 at 00:43, Nilesh Shastri wrote:
> 
> 
> Hi,
> Can anyone help to prevent W32/Gokar using 
> Checkpoint Firewall.
> 
> Thanks.
-- 
Nick
Network Security Consultant
CISSP, CCSI, MCSE, CCNA
Lucent Technologies/NPS
Raleigh, NC


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Reply via email to