RE: [FW1] MAD - how to configure it

Sun, 20 Aug 2000 07:45:09 -0700 


cpmand_config.conf in the /$FWDIR/conf can be ONLY disabled on the
management station if you have a distributed setup, otherwise on a single
gateway product you can disable it on the same box. mad_system_mode = off
An alternative is to also either increase your MAD_port_scanning_repetitions
(from default 100 to about 350) or simply set MAD_port_scanning_mode = off
rather than disabling CPMAD as a whole. Good Luck.

--Michael
RISCManagement, Inc
www.riscman.com


-----Original Message-----
From: Firewall Admin [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 18, 2000 11:43 AM
To: Cedric Amand; [EMAIL PROTECTED]
Subject: Re: [FW1] MAD - how to configure it



cpmad_conf.conf in $FWDIR. Set MAD_system_mode to off. Bounce the firewall.

----- Original Message -----
From: "Cedric Amand" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, August 18, 2000 11:46 AM
Subject: [FW1] MAD - how to configure it


>
> Hello,
>
>       I'd like to know how you configure (better : how you disable !)
>       the "MAD" pseudo IDS of CKP 4.1
>
>       It falls into all the well known traps (slow DNS answers, etc),
>       thinks he runs into portscans which are not, and finds clever
>       to firewall me from a bunch of pacific hosts.
>
>       I'd like to get rid of it ASAP. Any pointers ?
>
> --
> Best regards,
>  Cedric                          mailto:[EMAIL PROTECTED]
>
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to