Hi,

As the others stated, you need a stealth rule, but as this seems to be a Windoze box, it looks like you didn't do anything to harden it; all those 13* ports should be there. Refer to one of the hardening guides that are available a bit everywhere and disable all those unnecessary services before going any further.

Met vriendelijke groeten - Bien à vous - Kind regards

Guy ROELANDTS
EMEA GS Internet Expertise Centre - CCSE-NG
Compaq BeLux - now part of the New HP
E-mail : [EMAIL PROTECTED]
Tel: +32(02)729.77.44 (options 3 - 3 - 1)
Fax: +32(02)729.77.65

-----Original Message-----
From: Ramakrishnan [mailto:[EMAIL PROTECTED]]
Sent: 01 October 2002 00:44
To: [EMAIL PROTECTED]
Subject: [FW-1] Check point firewall open ports

Hi all,

I did a port scan of my customer's firewall with Sync connect on TCP and UDP ports. I find that these ports are open.

    135/tcp    open  loc-srv
    135/udp    open  loc-srv
    137/udp    open  netbios-ns
    138/udp    open  netbios-dgm
    139/tcp    open  netbios-ssn
    161/udp    open  snmp
    256/tcp    open  FW1-secureremote
    259/tcp    open  esro-gen
    259/udp    open  firewall1-rdp
    262/tcp    open  arcisdms
    264/tcp    open  bgmp
    265/tcp    open  maybeFW1
    500/udp    open  isakmp
    900/tcp    open  unknown
    1027/udp   open  unknown
    2746/udp   open  unknown
    4985/tcp   open  unknown
    4986/tcp   open  unknown
    4987/tcp   open  maybeveritas
    4988/tcp   open  unknown
    4989/tcp   open  unknown
    4990/tcp   open  unknown
    18183/tcp  open  unknown
    18184/tcp  open  unknown
    18187/tcp  open  unknown
    19190/tcp  open  unknown

I find that all these ports, barring a few, need not be open. I want to be sure that if I disable these ports on the external interface, the Management console should work from the internal interface. My customer's firewall admin opines that these are required for the Management workstation. They do not connect the Management station from the external interface.

I request the list's opinion on this. Has anybody faced this before?

Regards,
Rama

=================================================
To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email [EMAIL PROTECTED]
=================================================
