Yes, it is highly recommended that you eliminate the implied rules and recreate them manually, and only as needed.
 
See: http://www.cert.org/advisories/CA-2001-17.html.  Implied rules at work!
-----Original Message-----
From: Alonzo Vera [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 09, 2001 1:13 PM
To: '[EMAIL PROTECTED]'
Subject: [FW1] Opened port at Firewall-1

Hi all!

 

Last weekend someone did a scan of our firewall and found ports 264 and 265 open. Those ports are "Check Point VPN-1 Public Key Transfer Protocol" and "Check Point VPN-1 SecuRemote Topology Requests" and belong to the first implied rule: Checkpoint Control Connections.

 

My question is: Do those ports represent a security problem? We don't use VPN yet, so I don't need them. But to close those ports I will need to eliminate the Checkpoint Control Connections implied rule and recreate it manually as the first rule. Does anyone know if this is recommendable?

Which reasons may I have to keep the configuration as it is now, with those ports open to the world?

 

Thanks a lot,

 

Alnz.

 

 

 Ing. Alonzo Vera Rojas

Network Security Consultant

Cosapi Soft S.A.

Av. Javier Prado Este 4491-Surco. Lima 33, Perú.

Telephones: (511) 3133200 ext. 234; Fax: (511) 437-1606;

Nextel: 81.22612

mailto:[EMAIL PROTECTED]

http://www.cosapisoft.com.pe

 

                                    The truth is out there...

 
