RE: [FW1] service 41508

Tue, 12 Sep 2000 10:27:14 -0700 


Yes, but Inoculan updates are requested manually from a desktop in another
subnet, then pushed out to clients when they log into network.  Nothing in
the DMZ requests Inoculan.

Laurin Buchanan, Manager, Internet Services / Webmaster
National Music Publishers Association & The Harry Fox Agency, Inc.
www.songfile.com | www.lyrics.ch | www.nmpa.org



>-----Original Message-----
>From: Andy David [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, September 12, 2000 12:24 PM
>To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
>Subject: RE: [FW1] service 41508
>
>
>Do you use Inoculan?
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, September 12, 2000 11:12 AM
>To: [EMAIL PROTECTED]
>Subject: [FW1] service 41508
>
>
>
>Greetings Firewallers:
>
>Does anyone know what might legitimately use service 41508, or a
>vulnerability that is based on this service?  I've checked IANA list, this
>specific port is in the "unassigned" group.  All of a sudden my fw-1 logs
>are flooded with dropped entries to my DMZ broadcast address on this
>service:
>
>Service | source | destination | protocol | rule | length
>41508 | Firewall_External | X.X.X..255 | udp | cleanup | 216
>
>Our FW-1 is 3.0b patch 3068 (yes, I know, upgrade is planned for first week
>in October) on NT4 SP4. We're using NAT and routing valid DMZ addresses to
>the firewall, which then forwards packets to the servers.
>
>I don't like fact that the destination is the firewall_external object, but
>I am unclear on what the difference is between that designation and the
>actual IP address of the external interface of the firewall, which I
>occassionally see in the logs.  Ive taken a quick look at some of the
>standard online & offline references and I'm still unclear as to what this
>might all mean.  Any information you can provide would be greatly
>appreciated.
>
>thanks in advance,
>
>Laurin Buchanan, Manager, Internet Services / Webmaster
>National Music Publishers Association & The Harry Fox Agency, Inc.
>www.songfile.com | www.lyrics.ch | www.nmpa.org
>
>
>
>
>
>===================================================================
>=========
>====
>     To unsubscribe from this mailing list, please see the instructions at
>               http://www.checkpoint.com/services/mailing.html
>===================================================================
>=========
>====
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to