Checkpoint has a few new announcement:
http://www.checkpoint.com/cyberdefense/index.html
http://www.checkpoint.com/techsupport/alerts/pasvftp.html
Guess you have to check out their web page to find out...
/m
"Perez Lajo, Jacobo" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
02/29/00 12:55 AM
To: [EMAIL PROTECTED]
cc:
Subject: Bug in Checkpoint FW-1 3.0 ?
Hi all,
I am new a this list and this is the first message I post here (although
I've been reading
yours for a few weeks). Our LAN is connected to Internet through a
CheckPoint FW-1
(release 3.0) running on a WindowsNT 4.0 box which takes care of all
input/output traffic.
Someone has told me that there might be a bug in that release of FW-1
dealing with
FTP traffic and its "stateful packet firewall" feature, i.e., just when
the
FTP connection
is about to be opened the Firewall must find out which port is being used
for the data
and open it. Could someone from the "outer world" make the FW-1 believe
that
a certain
port is the one it is expecting and let the intruder use it? (I do not
think
it is an easy task
to be accomplished, but there are quite a powerful tools "floating" out
there and also people with
a lot of spare time).
Does an upgrde to next release solve the proble (if it exists)?. Any help
would be appreciated.
Thanks in advance,
/|||\
@ @
---------------oOOo--(_)--oOOo------------------
Jacobo P�rez Lajo
�rea de Sistemas y Comunicaciones
CISICRET
Tel: +34 91 3436132
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-------------------------Oooo-------------------
oooO ( )
( ) ) /
\ ( (_/
\_)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
