I'd be very careful in opening up TCP high ports. You may end up letting something else in.
We had TCP high ports open, and ended up allowing in a couple of Trojans in those higher ranges, specifically those targeting MS SQL gaining SA, then admin authority to self install an FTP service.
If you open them up, watch them well.
Best regards, Layne Meier Atlanta Newspapers, Inc.
On Mar 15, 2004, at 1:30 PM, Jo�o Serras Rodrigues wrote:
Hi All,
I have a Firewall-1 NG R54 and I need to allow Corba (or IIOP, I'm not sure but I think it's the same) through the firewall. The application guys are telling me that I need to allow all TCP high ports (over 1024) because it uses a dynamic port allocation after the initial negotiation. It's this true? Does anyone had experience with this? Firewall-1 has a service, type other, called IIOP that uses port 1571. Using this service will solve my problem or is not that simple?
Thanks and Regards,
Jo�o Rodrigues
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
