Hello all,
I am currently have FW-1 running under my client's network. DMZ area have
SMTP server, web server and FTP server.
I am looking for some security enhancement in their network.
First I am thinking about implement RealSecure from checkpoint for intrusion
detection system. Anyone have experience with RealSecure? Is it a good idea
to implement RealSecure? Is RealSecure really helpful? Anywhere I can find
more information??
I am also thinking about to setup some access-list in the cisco router
before the firewall.. Anyone has any suggestion about what kind of stuff I
suppose put into access-list? Anywhere I can find more information?? I real
want to do it in right way..
I also tried to put the following access-list into my Cisco router
access-list 140 permit tcp any host any eq www
access-list 140 permit tcp any host any eq ftp
access-list 140 permit tcp any host any eq smtp
access-list 140 permit tcp any host any eq pop3
access-list 140 permit tcp any host any eq 143
access-list 140 deny ip any any
After I configure my cisco router like that, I can still reach my web site
and ftp server from outside. But I found I cannot send and receive any
email. Why?? But I can telnet into port 25 and port 110 from external..
Strange??
Any other suggestion for security enhancement??
Thank you for all your help..
Albert Chong
IT Consultant
-------------------
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
