Title: Out-of-office replies!
Enough already. It's amazing to me that of all people, members of this list don't know enough to turn off OoO replies to the Internet. Get out the books and figure it out, because I doubt that too many of us care when your holidays are over. Checkpoint should in
I'm running a home network behind a SMC broadband router doing NAT. Would
like to install secure remote on one of the client boxes and run secureID to
the corporate office. What steps need to be taken as far as the rule base
goes to make this work. I know that IKE has to be enabled on the fire
Thanks for the reply. Would there be any performance hits in a situation
like this:
Internet
|
FW -- T1 --- Remote Office My Workstation
| Other Servers
Servers under my control
We have a private T1
Ramen, lion or adore worms looking for Linux 7.0 boxes with vulnerable
LPRng daemons.
"Sterling, Chuck" wrote:
Over the last few weeks I've noticed a lot of scans
for tcp port 515.
Are there any serious exploits of this port that I should be aware
of?
Chuck Sterling
===
$FWDIR is not essential - it's also missing on the IP 440s, and probably the
IP 600s, but they work quite happily without this.
It's a real pain, as the path is quite long. You can use SETENV to set
this- you could always put it in the fwstart script, but I'm not sure if
this is ethically correc
If FW is blowing away these addresses, set your anti-spoofing rules to
Others +, and define a group with the external IP addresses that are
internal to put there.
- Original Message -
From: Tim Parker <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: 09 April 2001 10:26
Subject: [FW1] In
I am seeing a strange alert message from my firewall
log. The destination IP was not the internal IP
address, but somehow the firewall had a log entry for it.
Detail of the entry as below:
:
:
Type: alert
Action: accept
Services: tcp-high-ports
Sources: 13.10.226.1
Destination: 194.13.10.250
Protoc
Give it another IP address for management purposes only ?
- Original Message -
From: David Moran <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: 05 April 2001 13:03
Subject: [FW1] Question regarding Management Station Control
>
> Good morning List,
>
> I have two firewall modules an
- The following is an automated response to your message
- generated on behalf of [EMAIL PROTECTED]
As of 11/04/2001, I will no longer be on the staff of TAO;
you can reach me at the following address:
mailto:[EMAIL PROTECTED]
=
I set up a VRRP configuration using two Nokia IP440's. I created the VRRPmc
configuration and then the cluster configuration. A weird problem arose,
when I went to our websites behind this redundant solution I noticed that it
went thru one firewall but when I went back to the same website it bou
I will be out of the office until Monday, April 16th. Please refer all networking
issues to Jeff Campbell at 336-4576. Please refer all Internet issues to the
helpdesk. Thanks.
Warren
To unsubscribe from t
Hi Rales,
The total number of bytes for the entire session incoming and
outgoing.
Thanks,
Abe
Abe L. Getchell - Security Engineer
Division of System Support Services
Kentucky Department of Education
Voice 502-564-2020x225
E-mail [EMAIL PROTECTED]
Web http://www.kde.state.ky.us/
Tim,
Your thinking is correct. Anything being protected by your firewall is set
to internal and anything is being allowed/disallowed that is NOT part of
your network (that you are not managing), is set to external.
- Original Message -
From: "Tim Parker" <[EMAIL PROTECTED]>
To: "'[EMA
I suggest Trend Micro is the best option.
Regards,
Gupta B S
24/7Customer.com.
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Pag
Sent: Thursday, April 12, 2001 2:58 PM
To: firewall list
Subject: [FW1] AntiVirus
Hi all again.
Now I c
Hi,
>I presume this could be a misconfiguration in OS and not in the firewall.
>Our fw-1 running on AIX 4.3 / 3 ATM nics is experiencing fails very often,
>say 2 per week, it suddenly "loses" its table routes and obviously nothing
>is enabled to go inside or outside the firewall.
It might b
I'm running FW-1 on Windows NT Server...
On Mon, 9 Apr 2001, Tom Sevy wrote:
> What platform are you running FW-1 on?
>
> -Original Message-
> From: Israel Zapata Palacio [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 09, 2001 5:08 AM
> To: [EMAIL PROTECTED]
> Subject: [FW1] Reque
Hi
Nokia reports that as a problem with their last IPSO version and the new
feature called fastpath which is enabled by default.
The way to fix that for now is to disable fastpath in IPSO
Nokia has a resolution on their support site
https://support.nokia.com/knowledge/frmResolutionView.jsp?Res
And when you decompress this archive, you get CPfw1-41.3-SP3.i386.rpm.
Michael Liberte wrote:
> *This message was transferred with a trial version of CommuniGate(tm) Pro*
> You are installing the wrong package.
> The correct one would be
> fw-1_41814_1_linux_des.tgz
> HTH
> Michael.
>
> -Ori
Hmmm..
You seem to be right,
I always install from CP2000 CD, and then upgrade to SP3.
The package I use for initial installation is
CPfw1-41-vpn+des.i386.rpm
BTW
FWDIR=/opt/CPfw1-41 or something,
not /opt, and I think you need to create /etc/fw and link it to
/opt/CPfw1-41...
HTH
-Original
3600 seconds is the default tcp timeout. That means that it is likely the
UNIX box itself that is killing the inactive session. Tell them to either
nohup their process (The nohup command makes a process run beyond the shell
dying). Or, use this little shell script to keep the session alive:
See this link on troubleshooting, it has a section about debugging the SMTP
server.
http://www.tla.ch/TLA/FW/FW1FAQ.html#Troubleshooting
Regards,
Paul.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Tuesday, April 10, 2001 9:16
All,
We have an internal Proxy server which has been static NAT'd to a legal
external address to allow it to access the Internet, and for logging
purposes.
In the FW rulebase, the rules define what the Proxy may do and so on. So the
rules would be for eg
Proxy Any HTTP Log
Proxy Any FTP L
Hi,
I'm currently running Firewall-1 4.1 sp3 on WINNT, is it possible to
transfer the license to another OS? I'm thinking of switching to Linux from
here on. And I don't want to pay for another license, just "move" it from
WINNT to LINUX.
//Claes Jansson - Sweden
==
Hi,
yes, you have to reinstall FW-1/VPN-1 software, because there are different
media for DES and 3DES.
--Mika
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Jan-Ivar Hansen
> Sent: 5. huhtikuuta 2001 12:46
> To: [EMAIL PROTECTED]
> Subject:
I think that there is some confusion on the definition of "Inbound". This
really means that the traffic is inspected as it is inbound to the gateway
not inbound to the internal network. Outbound means inspected as it leaves
the gateway, and eitherbound inspects the traffic both inbound to the
g
Iztok/Keith/Rob --
thanks for your replies to my question from this morning. I now think I
understand a little better about in/out/eitherbound. Guess I had it confused
with Network traffic not the TCP/IP stack. Thanks for helping me out!
Tim
-Original Message-
From: Iztok Umek [mail
Here's my (very limited) perspective. Perhaps it will be useful.
I used to work for an organization that ran FW-1 on a Solaris box. It worked well,
but the Solaris platform was quite expensive, and the OS needed to be hardened, a
procedure that took up a day or so.
Then we installed FW-1 o
I will be out of the office starting 04/12/2001 and will not return until
04/23/2001.
I am sorry for any delays this may cause. I will respond to your message
when I return, or you may email me at [EMAIL PROTECTED] or call me on my
cell at 732-300-0435 if the matter cannot wait.
Thank You,
Sco
Inbound and Outbound inspection are not functions of network association
(internal or external). They have to do with the inspection moving through
the TCP/IP stack. For example, if you're only checking inbound, and someone
gains control of your firewall, FW-1 won't inspect anything leaving the
> What I am thinking of trying, but this is where I need the
> help!, is changing the setting from eitherbound (the default)
> to inbound for our rulebase. I am curious though, if there
> are any other ramifications, other than the fact that the
> firewall will let anything from "inside" the
Gabriel:
We have a couple of Nokia IP650s running IPSO3.3 and FW-1 4.1SP3 in a HA
environment and they work great. We are using VRRP Monitored Circuit on all
interfaces directly connected to the Nokias.
Basically what you have is that each Nokia does indeed have a physically
diffe
Hi everybody,
I'm having some problems with a UNIX server protected by a Firewall-1
running on a Windows NT box. The users are accessing an application via
telnet on the Unix server which controls a printer located outside the
firewall. These users access some sections from this application an
Bob,
If after rebooting you still see v4.0 when you do
fw ver or fw ver -k, your FWDIR variable is probably pointing to the old
directory in one of your initialization scripts.
I have been through this before.
Correct this and reboot so you will be running full
4.1.
Best wishes
Abu
I'm quite sure you should stick to downloading fw-1 patches
for your Nokia boxes, from support.nokia.com.
On Wed, Apr 11, 2001 at 01:57:43PM -0500, Greg Winkler wrote:
>
> I've a Nokia IP330 that needs patching to the current revs. It's running
> FW1 4.1 and IPSO 3.2.1. I can get patches from
hi all,
any comments on the validity/accuracy of this report? since we
run solaris and nokia i doubt the *.exe concerns are valid.
i have no insight to the http configuration so it is difficult to
gauge what CP may have done. thanks /pc
--- Forwarded Message
Vulnerability found on port o
Title: RE: [FW1] NAT on a Nokia VPN220?
The VPN2xx series, like most other platforms, has no inherent NAT capabilities. The NAT functionality is provided by Firewall-1. I've never set up NAT on a VPN220 per se, but it works fine on VPN210, all Nokia IPxxx, NT, Solaris, RHLinux, etc.
HTH
D
The AR.PDF (administration) guide on the Check Point 4.1 CD-ROM has a chapter
devoted to INSPECT.
David C. Diemer, CCSE
Enterprise Security Firewall Engineer
Georgia Department of Administrative Services (DOAS)
200 Piedmont Ave. SE
Suite 1420, West Tower
Atlanta, GA 30334
[EMAIL PROTECTED]
Gabriel,
What James explains is the VRRP Monitored Circuits, what you are
talking about is the VRRP v2 ... an older version I think of VRRP,
I think Monitored Circuits is better.
Resolution 1214 on the Nokia Support site explains this in more
details
Met vriendelijke groeten - Bien à v
I've been having the same problem recently, since I upgraded from 4.0 sp3 to 4.1
sp2 (NT4 Management and 2 Nokia 440's running IPSO 3.3)
It looks like I've managed to fix it with the help of Phoneboy (searching for
Unknown TCP packets)
All you have to do is uncomment a line in the $fwdir\lib\fw
I have a Solaris 2.6 Ultra-5 firewall SP8 configured to support up to 50,000
connections. Under undetermined circumstances the firewall sends the following
message
fw_xlate_set_tables: ld_set_wto to fwx_forw_tab failed
fw_init_xlation_tables: fw_xlate_set_tables failed
FW-1: fw_xlate_forw: faile
Hi all,
I have a lot of security applications which build logs.
The logs can also come from UNIX free application.
Today we have a lot of people who spend time to check the logs files.
Each person is dedicated to a kind of log.
Today I am looking for an application able to gather the logs files
I've setup 2x Nokia IP440s using monitored circuits.
I now want to prevent VRRP multicasts from being broadcast upstream.
As I have a failover cable between the two machines, is it possible to
restrict BTTP to that cable only, or do I have to filter out the multicasts
using border routers ?
Ti
Hello All,
We're seeing a lot of connection attempts to our firewall on port 32775
today. Does anyone know what this port might be used for?
Thanks,
Steve
I've just corrected the same problem by having another license from
checkpoint.
regards.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Dan Guinn
Sent: Sunday, April 08, 2001 10:28 PM
To: 'John Tanouye'; '[EMAIL PROTECTED]'
Subject: RE: [FW1] 4.0 vs. 4