[FW1] META IP UAM Integration

Hi all, We successfully integrated the Meta IP UAM service with firewall service. We could see the NT domain user name appearing on the log viewer. My question is, We defined a rule as shown below. Usergroup@Network Any http->UFPserver ClientAuth Long When we try to use UFP server(WebSense serve

RE: Re[2]: AW: [FW1] Secure Remote for Linux/Solaris, Macintosh ????

Are you looking for a MAC client of SecureRemote? It is out of beta and will be charged for soon. I have the latest beta copy I can send. Scott Godfrey Enterprise Security Business Development Unit [EMAIL PROTECTED] 727.530.0444 Ext.276 RISCmanagement, Inc. www.

RE: [FW1] Blocking vbs attachments in sp2

I am saying that you can strip mime types, not by extension. If you strip mime type application/octet-stream, it will strip .exe, .bmp, .vbs and many others. The problem is that by stripping this mime type you may strip some things you do not wish to strip. It is like surgery with a sledge hammer

AW: [FW1] Port 10008?

hi, i think it´s the lion internet worm (an exploit for bind). for further information please read this http://www.whitehats.com/library/worms/lion/ happy hunting /wolfgang > -Ursprüngliche Nachricht- > Von: Robert C. Wessel [SMTP:[EMAIL PROTECTED]] > Gesendet am: Montag, 14. Mai 2

[FW1] Looking for a Security Consultant in Sydney.au

Title: Looking for a Security Consultant in Sydney.au The company I work for is looking for a professional security consultant (or company) who can give us some advice on the following products: o Cisco Pix Firewall o Checkpoint Firewall-1 o Websense (or alternative) Knowing about Cisco

Re: [FW1] Dr Watson error "WIN32/netsod.exe"

1. Issue a FWSTOP 2. Edit the $FWDIR/conf/fwauthd.conf file and delete the line : 19190 netsod wait 19190 3. Save the changes to the file 4. Issue a FWSTART 5. Restart the FW Thanks Niko To unsubscribe

RE: [FW1] Linux, VPN and ARP

Had same problem what I find out is that the kernel is issuing icmp redirects to tell the client to use the real IP address You can try to suppress them using type a "echo 0 > /proc/sys/net/ipv4/conf/ethx/send_redirects" (where ethx is the interface on which you make proxy arp) to null all t

RE: [FW1] FW1 on NT and routing

It sounds like your Firewall doesn't control Ip-forwading. If you turn it on, it should work fine. Regards, Daniel Wirth Consultant Network Security _ Daniel Wirth Systemberater Netzwerksicherheit IQproducts GmbH Max-Planck-Str. 5,

RE: [FW1] No Available security Policies in Gui??

Steve, Your solution would only work on unix. The NT command handler doesn't interpret wilcards before starting an application, and you need to do this manually. This can be done like this: for %d in (*.W) do fw fwm -g %d This command will rebuild rulebases.fws. Lars -Original Message-

RE: [FW1] VPN on two external FW-1 interfaces

Hi, I have been trying to setup VPN on two interfaces as well. I setup :resolve_multiple_interfaces (true) (SP2 Release Notes) as well as accepting initial RDP pakets for interface lookups. Using that the VPN tunnel is established successfully however after 10min, SecuRemote does a IKE Quickmod

RE: [FW1] Blocking vbs attachments in sp2

Michael, Interesting. Are you saying that Firewall Checkpoint can be used to stripe away VBS attachment..without the need of MIMESWEEP tool at all ? BY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Tench Sent: Tuesday, 15 May 2001 2:39

[FW1] Firewall-1 vs. Cisco PIX

Title: Firewall-1 vs. Cisco PIX This may be a silly question, but does anyone have any comparison chart between a Firewall-1 (NT) and a Cisco Pix Firewall? Or perhaps someone has already evaluated both and has an opinion on the Pix vs. Fw-1… what is better overall, what are the advantages a

RE: [FW1] SMTP virus scanning. slightly OT

Pete, Go with a SMTP relay, and stay off CVP if possible. CVP has some limited functionality. See this message for a problem description: http://msgs.securepoint.com/cgi-bin/get/fw1-0103/990/1.html Lars -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of P

RE: [FW1] VPN based telecommuters, how to secure their end? (off-topic)

We have used BlackICe defender successfully with Nortel Contivity VPN ... works well we have >50,000 users globally. Debashis -Original Message- From: Greg Winkler [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 15, 2001 4:09 AM To: [EMAIL PROTECTED] Subject: [FW1] VPN based telecommu

RE: [FW1] Load Balancing to the internet using 2 ISPs - routing p protocol?

Title: RE: [FW1] Load Balancing to the internet using 2 ISPs - routing p protocol? I have never seen a Tier 1, or even Tier 2 provider refuse to do BGP with a customer in the US data markets with at least a /24.  They always seem to do it free of charge, at least in my experience. The only co

Re: [FW1] Dr Watson error "WIN32/netsod.exe"

GIYF. http://www.firewall-1.org/ 2000-06-07/msg00596.html "Netsod.exe is the Policy Server process used for Secure Client to download desktop policy. On systems that are not using this feature, it can be disabled by editing $FWDIR/conf/fwauth.conf and removing the line: 19190 netsod wait 19190"

Re: [FW1] 'Unknown error while trying to connect to UFP'

Hi: I had the same problem. I contacted WebSENSE and they gave me a patch for it. I suggest you contact WebSENSE tech support. Regards Bob Webber AT&T Global Network Services Tel: (905) 762-7433 Fax: (905) 762-7497 Notes: Bob Webber/Markham/IBM@IBMCA Internet: [EMAIL PROTECTED] "Logic merely

[FW1] ldap limits

Does anyone know how to limit the number of objects a 4.1 FW will return from an ldap query? Tried changing the ldap limits in objects.C to no avail. Thanks, Jared To unsubscribe from this mailing list,

Re: [FW1] Port 10008?

I have as well. It appears that it originated from some Asian netowrks, now I am getting some from North American locations as well. So far, according to my Snort logs, it looks like a worm. On Mon, 14 May 2001 01:25:24 -0500, Robert C. Wessel wrote: > > Is there some new (or old) trojan/wo

[FW1] disregard, this is a test

testmail To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =

RE: [FW1] Port 10008?

I have checked my ports and I do not see anything different . You may have been scanned to see if they can get in . -Original Message- From: Robert C. Wessel [mailto:[EMAIL PROTECTED]] Sent: Monday, May 14, 2001 2:25 AM To: [EMAIL PROTECTED] Subject: [FW1] Port 10008? Is there some n

Re: [FW1] Port 10008?

It looks like aworm with an RPC exploit. Michael Tench On Mon, 14 May 2001 01:25:24 -0500, Robert C. Wessel wrote: > > Is there some new (or old) trojan/worm/exploit/whatever running around that > tries to install a service on port 10008? I've had my network scanned > nearly a dozen ti

Re: [FW1] securemote error

is this happening for all your remote VPN users? Are your log files on the same NT box? If so are you actively looking at the logs while this is happening. We had similar issues on a solaris box where whenever we were scanning the logs the cpu utilization maxed out and gave response errors to

[FW1] FW1 on NT and routing

Hi, I have a Checkpoint firewall running on Win NT and having this configuration : +---+ | |Router +---+ |10.1.1.1 | | |10.1.1.100 +---+ | | FW Checkpoint +---+ |10.1.3.101 | | |10.1.3.105 +---+ | |Host +---+ I have only defined a rule whi

Re: [FW1] Blocking vbs attachments in sp2

You can strip mime type application/octet-stream. You would do this when you define an smtp resource. Michael Tench On Fri, 11 May 2001 11:15:18 -0700, Tony Wong wrote: > Can i please get some help on how to clock vbs attachements before these > emails reach my mail server? > > Thank