Francis,
By creating a resource, you can indeed limit the types of commands available through
http and ftp sessions. If you use wildcards (or specific file names/patterns in the
match field on a wild card resource, you can select the ftp get or put and http head
or post type requests. If you use this in a rule, you can limit access based upon
the rudimentary commands.
Example
URI resource / wildcard / transparent
Match - ftp get
lower three boxes *
In a rule any ftpserver ftp->resourcecreated will allow only ftp downloads, but will
not allow ftp uploads.
CryptoTech
THELLIER Francis wrote:
> Hello,
>
> I have a simple question, I'm just checking this because I can't remember
> something :
> Is it possible to block http or ftp commands with fw-1 ?
> I know we can log all this creating a resource, but I do not remember if we
> can control the access of some commands like get or put, or others ...
>
> I believe the answer is no, but I would like to be sure,
> so ... every responses are welcome !
>
> Thanks in advance,
> Francis
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
