Rick,
I have not tried this one yet...but this should answer your request.
Read the email thread.
We may try it later (in a few months) if time permits.
Have you seen this proposed solution?
If you try it, I would be interested in what happens.
Richard C.
-----Original Message-----
From: njohnson [SMTP:[EMAIL PROTECTED]]
Sent: Thursday, April 08, 1999 10:51 AM
To: Campana, Richard
Subject: Re: another question
Richard:
Below is a response from one of our developers to your question. I will
be
forwarding the query to the other developer indicated in the response to
confirm the behavior in the http security server.
-----------
Adding the line
:undo_msg (true)
To the properties set in objects.C (and re-loading the policy) should
clean
the Check Point banner from the authentication servers (it might be that
on
HTTP this does not clear all of the references - you need to check this
with
Assi)
It should be added to the objects.C under the props line in the
management
station, and then when the policy is loaded to the modules they will get
it
from there. This is a global flag for all security server.
-----------
In other words, Richard, edit the objects.C file in the winnt\fw\conf
directory and add the line under the properties entry for the management
server (the primary firewall we set up while I was in Texas). If you
have
any other questions or this does not do what you wish please let me
know.
Nathan
----------
> From: Campana, Richard <[EMAIL PROTECTED]>
> To: Nathan Johnson (E-mail) <[EMAIL PROTECTED]>
> Subject: another question
> Date: Monday, April 05, 1999 5:53 PM
>
> Nathan,
>
> We would like to know if we can remove Checkpoint's name when a user
> logs in to a server with user authentication.
>
> For example, when a user uses FTP, TELNET, or HTTP, the
>
> A banner shows Checkpoint as authenticating.
>
> We do not want users to be able to tell that Checkpoint is
> authenticating or even involved somehow.
>
> How can we have our own banner?
>
> -----Original Message-----
> From: Rick Romkey [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, April 20, 1999 11:19 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED];
> [EMAIL PROTECTED]
> Subject: Re: Firewall 1 hardened kernel
>
> >
> >
> > 4.0 already has had some security packs released to fix a few
> things.
> > They still have not fixed the mail banner where you can attempt a
> telnet
> > to 25, and receive the mail banner revealing to world that you are
> running
> > Checkpoint. Tech support had stated this was going to be addressed
> in the
> > 4.0 release, but I have yet to see where you can modify the line to
> > prevent the banner from being shown or change the banner to fool
> would be
> > intruders and some of the IDS tools :)..
> >
>
> To modify the mail banner, simply select "Security Servers" from
> "Policy/Properties" and enter the SMTP welcome message.
>
> -Rick
>
> ----------------------------------------------------------------------
> --------
> | A T L A N T I C |
> Rick E Romkey | |
> www.atlantic.com
> [EMAIL PROTECTED] | We not only sell security solutions, | (860)
> 667-9596
> | we understand them. |
> ----------------------------------------------------------------------
> --------
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
