|
Hi Chi-Lien,
Well, the ports FireWall-1 uses for communication
are these (I made a table of them....):
Some of these are included in implicit pseudo-rules
you can view choosing View from the menu, and then click on Implied
pseudo-rules. Pay attention to the fact that you're maybe not using all of
them....
I suggest you to harden you operating system in
order to close unnecesary ports. For hardening SO I suggest the following
whitepapers:
Armoring Solaris
http://www.enteract.com/~lspitz/armoring.html
Armoring NT
http://www.enteract.com/~lspitz/nt.html
About training in CheckPoint Fw-1.... Well I can
say that when I began with the product documentation it was a headache for me to
understand the product architecture. Too many terms: inspect engine, fw module,
inspection module, enterprise security console, fw management console. Some of
them refer to the same but I don't know why the CKP Software Technologies
documentation team like to have many, many names to designate exatly the
same thing.
It was a great challenge for me. But you can
acquire the concepts and terms if you have a little patience. You will maybe
have to read the docs many times.
I can't tell you if CCSA or CCSE student material
were better than product documentation because I had access to them when I was
more experienced with Fw-1. But I think they're easier to read.
If you or your company can afford for a CCSA or
CCSE course, welcome....
I hope this can help you.
Best regards,
Fabiola Mayorca
-----------------------------------------------------
Fabiola Daniela Mayorca Arellano CCSE & CCSA CheckPoint Certified Security Engineer / Administrator Telef�nica Sistemas, sucursal Per�. Los Sauces 374 Piso 10/11 Edificio La Torre Roja. San Isidro - Lima 27 Latin America
|
Title: open ports
- [FW1] open ports Chi-Lien Lee
- Fabiola Mayorca
