OK, but... for all I know, implicit rules do not allow control connections such as tcp/21 or tcp/80, and Irfan says he has removed all implicit rules...
The main issue here is that if Irfan claims to get open ports on the internet side of the firewall, he could try what I've just said before. It is rather strange that the rules, set just like he said, make this happen, and maybe Irfan is missing something here, like Security Server configurations for instance. There might be another issue that I once saw in phoneboy, which is that part of "match for any" in services configuration, but then again this type of match, as far as CheckPoint says, is only checked in a source->destination->any->accept so who knows. I'm only suggesting that maybe he forgot something and the best choice would be the stealth rule for the firewall module.

Best regards,
CS

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]] On Behalf Of Cheth
Sent: Sunday, November 17, 2002 9:53
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Open ports

Sure....but that wasn't Irfan's point. His point was that the firewall rule should be dropping the traffic, but isn't.

Regards,
C.

----- Original Message -----
From: "<Aaron Reynolds>" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 15, 2002 5:00 PM
Subject: Re: [FW-1] Open ports

> You need to go into voyager and turn the stuff off. The firewall can
> have services listening, which will then be blocked by the rulebase.
> It is best to turn them off in voyager, so you don't accidentally open
> something up.
>
> -Aaron
>
> -----Original Message-----
> From: Carlos Santos [mailto:[EMAIL PROTECTED]]
> Sent: Friday, November 15, 2002 8:51 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1] Open ports
> Importance: High
>
> It's rather strange you have that, but then again, never worked with a
> Nokia equip so why don't you try a more direct approach like
>
> Any -> FW-Module -> Any -> Drop -> Log
>
> Hope it helps
>
> CS
>
> -----Original Message-----
> From: Mailing list for discussion of Firewall-1
> [mailto:[EMAIL PROTECTED]] On Behalf Of
> Hasan, Irfan
> Sent: Friday, November 15, 2002 15:15
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Open ports
>
> I'm using Checkpoint NG FP2 on Nokia IP330.
>
> I've only two rules in my firewall
>
> Source           Destination   Service   Action
> LAN (10.1.1.x)   Any           Any       Allow
> Any              Any           Any       Drop
>
> I removed all implied rules.
>
> But when I scan my firewall Internet connection from Internet,
> I found Port 21, 80 and 389 are open.
>
> How do I close all these open ports?
>
> Hope someone gives me a clue. Thks... Irfan
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [EMAIL PROTECTED]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [EMAIL PROTECTED]
> =================================================
>
> _____________________________________________________________________
> INTERNET MAIL FOOTER
> ---------------------------------------------------------------------
> Privileged or confidential information may be contained in this
> message. If you are not the addressee indicated in this message, you
> may not copy or deliver this message to anyone. In such case, you
> should destroy this message and kindly notify the sender by reply
> email.
> ---------------------------------------------------------------------
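
Added example, not part of the original thread and not Check Point's code: a simplified top-down, first-match model of the two-rule rulebase from the original question and of the stealth rule suggested in the replies, used to flag scan results that the explicit rules cannot explain. The firewall and scanner addresses are constructed placeholders, and the LAN is assumed to be 10.1.1.0/24.

```python
import ipaddress

# Rule = (name, source, destination, service, action); "any" matches everything.
FW = "192.0.2.1"  # assumed external address of the firewall (documentation range)

# The two explicit rules described in the original question.
IRFAN_RULES = [
    ("lan-out", "10.1.1.0/24", "any", "any", "allow"),
    ("cleanup", "any", "any", "any", "drop"),
]
# Same rulebase with the stealth rule (Any -> FW-Module -> Any -> Drop) on top.
STEALTH_RULES = [("stealth", "any", FW, "any", "drop")] + IRFAN_RULES


def _net_match(spec, addr):
    """True if addr falls inside spec (a host, a CIDR network or "any")."""
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)


def _svc_match(spec, port):
    """True if the rule's service is "any" or the exact destination port."""
    return spec == "any" or spec == port


def evaluate(rules, src, dst, port):
    """Return (rule name, action) of the first matching rule, top-down."""
    for name, r_src, r_dst, r_svc, action in rules:
        if _net_match(r_src, src) and _net_match(r_dst, dst) and _svc_match(r_svc, port):
            return name, action
    return "no-match", "drop"  # nothing matched: treat as dropped


def unexplained_open_ports(rules, src, dst, observed_open):
    """Ports a scan saw open although the explicit rulebase says drop."""
    return sorted(p for p in observed_open if evaluate(rules, src, dst, p)[1] == "drop")


if __name__ == "__main__":
    scanner = "198.51.100.7"   # constructed Internet-side scanner address
    observed = {21, 80, 389}   # ports reported open in the thread
    print(unexplained_open_ports(IRFAN_RULES, scanner, FW, observed))
    # Without a stealth rule, the LAN rule also admits LAN traffic to the firewall.
    print(evaluate(IRFAN_RULES, "10.1.1.20", FW, 80))
    print(evaluate(STEALTH_RULES, "10.1.1.20", FW, 80))
```

Every port this returns is being answered by something outside the explicit rulebase, which is where the replies point: implied rules, Security Server configuration, or services left listening on the box itself.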
