> I performed a portscan on my firewall. It's listening
> on ports 264 and 265. What are they for?

If you have a CheckPoint Firewall-1, then TCP 264 and 265 are used for the
administration of CheckPoint Firewall-1 firewalls. Specifically, 264 is for
the service "FW1_topo" and 265 is for the service "FW1_key". These are both
services that are used during the session establishment process for an
encrypted FW1 management session.

If you turn off the implied rule "Accept VPN-1 & FireWall-1 Control
Connections", you will probably see these open ports disappear, unless they
are allowed by another (specific) rule. If you do this, be sure to allow
your management station to manage the firewall through the use of specific
rules, or you run the risk of disabling your own remote management
capability.

If you don't have a CheckPoint Firewall-1, then the two ports are listed by
IANA as follows:

bgmp 264/tcp # bgmp
bgmp 264/udp # bgmp
x-bone-ctl 265/tcp # x-bone ctl
x-bone-ctl 265/udp # x-bone ctl

I would need to know more about what firewall you are running before
determining why these ports are open.

Bryce Porter