On Sun, May 28, 2000 at 09:29:22PM +0100, Steve Babb wrote:
> I have run a portscan on my NT firewall and have seen the following :-
>
> 264/tcp open bgmp
> 265/tcp open unknown
>
> I haven't opened these with fw-1 so does anyone know what they are or how I
> can stop them?
TCP port 264 is used for SecuRemote 4.1 clients to fetch network topology.
(SecuRemote 4.0 clients and earlier use TCP port 256).
TCP port 265, according to my 4.1SP1 objects.C, is labeled "Check Point
VPN-1 Public Key Transfer Protocol." I'm guessing this is used by FireWall-1
to exchange public keys with other hosts.
You should be able to block these with your normal security policy. You
probably can't make FireWall-1 not listen on these ports, however.
-- PhoneBoy