I may be required to edit my base.def file to fix the known ftp problem (http://www.phoneboy.com/fw1: High Port TCP Services and FTP) when the data port happens to match an already defined service port. I found conflicting information about whether this applies to just passive or both active and passive ftp - anyone know the answer? Personally, I can't make ftp fail so it is hard for me to test, but one user reports the same result when setting her ftp client to active or passive. Is there any risk associated with making this change? What did Checkpoint hope to accomplish with this restriction in the first place? *************************************************** This is an email. Don't rely on anything seen here as being accurate without testing it yourself. *************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
