I don't know if this affects anyone out there but...
fw-1 4.1 bug:
There is a bug in fw-1 4.1; right now if you put a license in, and try to
re-apply another license that does the same thing on the same management
server, it will not work. A good example follows:
You have a SecureClient 5 user license, and try to add another 5 user
license for a total of 10 licenses. It will not allow it. You would have to
go straight to the 50 user. This is not limited to SecureClient licensing,
but I can think of very few other areas where there could be problems.
CheckPoint is working on this. I have validated this to be true.
Thomas
-----Original Message-----
From: Jonah Kowall [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 14, 2000 4:13 PM
To: '[EMAIL PROTECTED]'
Subject: [FW1] FW: CheckPoint FW1 BUG
this is interesting, any comments? I have yet to confirm this.
-----Original Message-----
From: NHC Research
To: [EMAIL PROTECTED]
Sent: 7/13/2000 8:01 PM
Subject: Re: CheckPoint FW1 BUG
While doing some testing on Firewall-1 4.0 NT SP4 a few months ago, we
came across a similar situation. We felt it was not worthy of an advisory
because it is effectively a misconfiguration issue, although it is the
default configuration upon initial install.
Scenario:
One firewall machine, 2 NICs (one for untrusted net, one for trusted net).
Configuration:
NT 4.0 SP6a
Firewall-1 NT 4.0 SP4
Steps 2 Repro:
1. Install FW-1, define one subnet for each physical NIC.
2. From either network, send a SYN packet to the IP of the firewall, port
1032. ('telnet firewallip 1032', or 'nmap -sS -p 1032 firewallip')
Result:
One of the running instances of the fw.exe service goes to 100%.
Why is this not a bug?
Because the first thing the "wizard" does for you is to block all
traffic directly to the firewall, this should not be an issue for most
people. This is a really good thing, because FW-1 listens on an obscene
number of ports in a default installation.
If anyone can retest against FW-1 4.1 SP1, I'd be interested to see if
this minor problem still exists. Does anyone have an official contact for
Checkpoint to report security related issues?
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================