Do you use Inoculan?
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 12, 2000 11:12 AM
To: [EMAIL PROTECTED]
Subject: [FW1] service 41508
Greetings Firewallers:
Does anyone know what might legitimately use service 41508, or a
vulnerability that is based on this service? I've checked IANA list, this
specific port is in the "unassigned" group. All of a sudden my fw-1 logs
are flooded with dropped entries to my DMZ broadcast address on this
service:
Service | source | destination | protocol | rule | length
41508 | Firewall_External | X.X.X..255 | udp | cleanup | 216
Our FW-1 is 3.0b patch 3068 (yes, I know, upgrade is planned for first week
in October) on NT4 SP4. We're using NAT and routing valid DMZ addresses to
the firewall, which then forwards packets to the servers.
I don't like fact that the destination is the firewall_external object, but
I am unclear on what the difference is between that designation and the
actual IP address of the external interface of the firewall, which I
occassionally see in the logs. Ive taken a quick look at some of the
standard online & offline references and I'm still unclear as to what this
might all mean. Any information you can provide would be greatly
appreciated.
thanks in advance,
Laurin Buchanan, Manager, Internet Services / Webmaster
National Music Publishers Association & The Harry Fox Agency, Inc.
www.songfile.com | www.lyrics.ch | www.nmpa.org
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
