-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 12:40 PM To: [EMAIL PROTECTED] Subject: Firewalls digest, Vol 1 #557 - 3 msgs Send Firewalls mailing list submissions to [EMAIL PROTECTED] To subscribe or unsubscribe via the World Wide Web, visit http://lists.gnac.net/mailman/listinfo/firewalls or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of Firewalls digest..." Today's Topics: 1. Re: Software Firewall Development (Bernd Eckenfels) 2. RE: W2k and FW-1 (Shimon Silberschlag) 3. Win2K VPN ports (Gal Binderman) --__--__-- Message: 1 Date: Sat, 23 Feb 2002 21:29:05 +0100 From: Bernd Eckenfels <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Software Firewall Development On Thu, Feb 14, 2002 at 01:09:03AM -0500, [EMAIL PROTECTED] wrote: > The first question you need to decide upo, is what are you to accomplish by > writing this? If for example you want to do this for educational user, or actually want to write a secure product, I would suggest you have a look at Microsofts Research Language Vault. BTW: if you want to write a personal Firewall like ZA, you wont do much with socket programming, you will most ikely write a NDS Filter Layer. In anyway, I would be intersted to hear from your attempts on the freefire-l, see www.freefire.org, where deveopers of free IT Security Solutions can meet. Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE (O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl! --__--__-- Message: 2 From: "Shimon Silberschlag" <[EMAIL PROTECTED]> To: "Reginald Shorter" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> Subject: RE: W2k and FW-1 Date: Sun, 24 Feb 2002 09:24:54 +0200 Your version of the fw does not support key negotiation for network subnets. This is supported in fw-1 v4.1 (don't remember which sp). Tell the other side to disable this option in his definition for your site. It's on the IKE dialog box on the bottom. Shimon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Reginald Shorter Sent: Friday, February 22, 2002 00:11 To: [EMAIL PROTECTED] Subject: W2k and FW-1 Anyone ever seen this error? Trying to setup a VPN to VPN gateway....CP FW-1 ver. 4.0 SP5 and W2K (SP2) ISAKMP LOG PHASE 1 Completion DES/MD5/Pre shared secrets Negotiation id: xxxxxxxxxxxxxxxxxxxx ISAKMP LOG Sent Notification: invalid id information <phase2 stage1> peer may have sent an ID of type subnets, which is not supported in this version Negotiation id xxxxxxxxxxxx Reginald C. Shorter University System of Maryland Service Center Network and Systems Engineer Phone: 301.809.3198 Email: [EMAIL PROTECTED] Fax: 301.809.3130 <<Reginald Shorter.vcf>> --__--__-- Message: 3 Subject: Win2K VPN ports Date: Sun, 24 Feb 2002 09:37:10 +0200 From: "Gal Binderman" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Hello all.=20 A little off topic, buy yet not completely, question: I have a Win2K DC serves as a domain controller and a VPN server for = Extranet clients. I have a PIX firewall, containing a NAT (static rule) = to map a legal IP address to that VPN server. I'm using Microsoft EAP as = the only authentication protocol for that VPN server, 128bit encryption. Does anyone know what ports should I keep open to that address in order = to allow public access to that VPN server across the PIX? Thanks, Gal Binderman. [EMAIL PROTECTED] --__--__-- _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls End of Firewalls Digest _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
