Create a resource "http -> http_screening". Go to the match tab and check "http" and "get". In path, put "*{.pif,.scr,.com,.exe,.bat}" (and I would include the other extensions from Nimda and code red/blue).
Implement this in a rule for everything crossing the firewall (maybe negating the internals, there are issues sometimes if you dont). HTH Nick On Sat, 2001-12-15 at 00:43, Nilesh Shastri wrote: > > > Hi, > Can anyone help to prevent W32/Gokar using > Checkpoint Firewall. > > Thanks. -- Nick Network Security Consultant CISSP, CCSI, MCSE, CCNA Lucent Technologies/NPS Raleigh, NC _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com