...
-Original Message- From: CryptoTech [mailto:[EMAIL PROTECTED]]
Sent: 30 September 2001
21:50 To: Allan
Pratt Cc:
[EMAIL PROTECTED] Subject: Re: [FW1] Firewall-1 and use in
Arab countries Allan, There are
currently only 9 countries in wh
21:50
To: Allan Pratt
Cc: [EMAIL PROTECTED]
Subject: Re: [FW1] Firewall-1
and use in Arab countries
Allan,
There are currently only 9 countries in which firewall-1 cannot be
sold. I have had knowledge of many arab organizations purchasing
firewall-1, with no concern for the writers race. Lets f
lto:[EMAIL PROTECTED]]Sent: 30 September 2001
21:50To: Allan PrattCc:
[EMAIL PROTECTED]Subject: Re: [FW1]
Firewall-1 and use in Arab countriesAllan, There are
currently only 9 countries in which firewall-1 cannot be sold. I have
had knowledge of many arab organizations purchasing firewall-
I think there shouldn't be a problem with this depending of course on what
country it is.
Some countries are banned from purchasing certain software iregardless of
whether it is an Israeli company or an American one.
The best bet would be to contact CP directly and ask them.
Mike
> -Origi
Allan,
There are currently only 9 countries in which firewall-1 cannot be
sold. I have had knowledge of many arab organizations purchasing
firewall-1, with no concern for the writers race. Lets face it, Israel
and US go pretty much hand-in-hand as far as Anti-Semitic arabs are concerned.
Do not
Title: RE: [FW1] New worm on the road?
Yes all Security server (HTTP, SMTP and
FTP) works in proxy mode
so the firewall becomes the apparent source
of all packet processed
And if you use HTTP to filter virus to your
inside web server he
will log all acces to your web server
comming from th
Title: RE: [FW1] Firewall crashes
Try using bluesave from sysinternals to log the bluescreen when the box goes down...
http://www.sysinternals.com/ntw2k/freeware/bluesave.shtml
John Witham
Senior Data Networking Engineer
Takeda Pharmaceuticals North America, Inc.
V://847.383.3304
F
Hello,
cpmad stands for checkpoint malicious activitiy detection. In other words
its a little ids which can detect a few general attacks, like land attack,
smurf, syn attack, port scanning ...
It's configured via the cmpad_conf file. There you can configure how
sensitive it. If you increase
http://www.phoneboy.com/faq/0032.html
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Grantham, Scott
> Sent: Monday, September 24, 2001 20:20
> To: [EMAIL PROTECTED]
> Subject: [FW1] Firewall Log Management
>
>
>
> Does anyone know if there ar
http://www.rtek2000.com/Tech/I-SecureLinks4.html
**
Roman Zeltser,
@National Computer Center,
RSIS & DNE
-Original Message-
From: Grantham, Scott [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 24, 2001 2:20 PM
To: [EMAIL PROTECTED]
Subject: [FW1] F
Scott,
There are a number of open source options to meet your needs. Check phoneboy for
the names and locations. We also have used WebTrends Firewall Suite, but it has
problems handling tons of data. We generate 200-300 mb log files daily with short
logging turned on.
Jim Driskell
"Grantham
Hi
Some time ago I found out an Access DB. Find it enclosed...check it out &
lemme know
Lorenzo
- Original Message -
From: "Grantham, Scott" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 24, 2001 8:19 PM
Subject: [FW1] Firewall Log Management
>
> Does anyone know
Hello,
Here's phoneboys search result :
http://www.phoneboy.com/faq/0032.html
Regards,
Werner
-Original Message-
From: Grantham, Scott [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 24, 2001 8:20 PM
To: [EMAIL PROTECTED]
Subject: [FW1] Firewall Log Management
Does anyone know
Anuraq,
Read Lance Spitzner document about this, it's called
"Building your FireWall Rulebase".
It can be found at the following URL : http://www.enteract.com/~lspitz/rules.html
Met vriendelijke groeten - Bien à vous - Kind
regards
Guy ROELANDTSEMEA GS Internet Expertise Centre - CCS
Check the file
cpmgmt.aud in $FWDIR/log. I don’t know if it is there on those NT things, but
under Solaris, it work beautifully. It won’t show you log in data, but it will
tell you policy changes.
Cheers,
Craig
-Original
Message-
From: "Schönfelder,
Sven" [mailto:[EMAIL P
Entries are made in the following log files:
Version 4.0 - fwui.log
Version 4.1 - cpmgmt.aud
Joe
- Original Message -
From: Tucker, Tom
To: [EMAIL PROTECTED]
Sent: Monday, August 27, 2001 4:14 PM
Subject: [FW1] Firewall Managmenet Logging - Administrator Activity
Does CheckPoint
Tom,
NG provides this funcionality.
Best regards
Aylton
- Original Message -
From:
Tucker, Tom
To: [EMAIL PROTECTED]
Sent: Monday, August 27, 2001 4:14
PM
Subject: [FW1] Firewall Managmenet
Logging - Administrator Activity
Does CheckPoint log w
It when a packet is destined for a device but sourced from that device.
Variables
Client 10.10.10.10
Sever 11.11.11.11
Client spoofs 11.11.11.11 and send a packet destined for 11.11.11.11 which
results in a loop back condition and could cause the server to slow or stop.
This is a CPMAD IDS
You can execute these from the management station. The GUI allows you to
connect to the management station and do those things the gui way.
George
-Original Message-
From: Bharat Kakkad [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 07, 2001 3:34 AM
To: checkpointMail (E-mai
More
info needed,
Just someone on the outside trying to ping you or
something else with ICMP,
look
at the Info. Column in the log viewer and check the ICMP Type and
Code,
that
will tell you more ... if its ICMP Type 0, it's a reply, if it's type 8 it's
an
echo
... and so on. Without
And even then if you are running SP2, there is a specific package that it
must be.
--
Juan Concepcion
Network Security Consultant
[EMAIL PROTECTED]
On 2001.07.13 09:09 Jason Costomiris wrote:
>
> On Thu, Jul 12, 2001 at 11:15:58AM -0500, Julio C. Quiros L. wrote:
> :
> : Hello I would like to
Hi,
According to the Release Notes it seems you need 4.1-SP2 on IPSO 3.3
4.1-SP1 was for IPSO 3.2 and 3.2.1
Met vriendelijke groeten - Bien à vous - Kind regards
Guy ROELANDTS
EMEA GS Internet Expertise Centre
Compaq Software Engineer - Belgium
E-mail : [EMAIL PROTECTED]
Tel: +32(02)7
On Thu, Jul 12, 2001 at 11:15:58AM -0500, Julio C. Quiros L. wrote:
:
: Hello I would like to know if Firewall-1 4.1 SP1 runs on IPSO 3.3
No. You *must* be on at least 4.1 SP2 to run on IPSO 3.3.
--
Jason Costomiris <>< | Technologist, geek, human.
jcostom {at} jasons {dot} org |
01/06/26 07:22 PM ---
To: Tomomi Furukubo <[EMAIL PROTECTED]>,
[EMAIL PROTECTED]
cc:
From: Kohichiroh Watanabe/Japan/IBM@IBMJP
Subject: Re: [FW1] Firewall-1 on Redhat 6.2 (Document link: Kohichiroh
Watanabe)
Hi forks.
Did you check /var/log/messag
Hi forks.
Did you check /var/log/messages about this failure?
More detailed information will be stored there.
The problem might be caused because FW-1's SMP kernel mod
is designed especially for kernel 2.2.14 but RHS 6.2 uses 2.2.16.
So,try UP kernel.
regards.
/* IBM Japan,Ltd.
Stewart,
I am running a eval on Websense also.
As far as I know about it, you nderstanding regarding the licensing of
Websense is correct. One ip, one license.
One thing I have noticed with sending all traffic thru the WebSense server
is that it slows everything down remarkabley.
I do not htink
Title: firewall logs only interanal nbname,nbdatagram services
1) In the rulebase, check the cleanup (last, default
drop) rule is logging.
2) Is there another route to your ISP ? If NT, is FW-1
looking after IP forwarding, if Solaris etc, have you configured the fwstop
script to disable IP
It sounds like you've got a "wire crossed". My guess would be that there's
still a path around the firewall, to the Internet, as what it sounds like
you're seeing is broadcast traffic. Make sure the firewall is the only
path IN/OUT of your network, and then verify routing is correct. Hope this
Thanks to:
Chris F <[EMAIL PROTECTED]>
and
Assaf. <[EMAIL PROTECTED]>
who responded with recommendations:
SecurePoint
- Checkpoint FireWall-1 Archive
and
ftp://ftp.ealaddin.com/pub/manuals/stop%20spammers.pdf
Turned out to be my debugging technique ( I think). The key that I twigged
on to was tha
I have two set to 16 and two set to default. I set the two to 16 meg about
18 months ago because of problems I was getting that went away after the
tweaks.
-- Joe
At 06:17 AM 3/13/01, Tim Parker wrote:
>Juan -- Thanks but that I already knew. What I am looking to find out is,
>how others i
16 MB. But
I still think that number should be higher, personally. So I am looking for
actual info from other users. Thanks.
Tim
-Original Message-
From: Juan Concepcion [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 13, 2001 2:07 AM
To: Tim Parker
Subject: RE: [FW1] Firewall/Network Perfor
Does anyone know why the policy editor may crash intermitantly when
downlaoding the policy?? checkpoint 4.1 on nokia ip330 ipso 3.2.1
Thanks
To unsubscribe from this mailing list, please see the instructions
David,
I just recently upgraded from NT4.0 SP4 firewall 4.0 SP3. I first upgraded
to NT4.0 SP5 and then upgrade to firewall-1 v4.0 SP5 (SP5 for v4.0 is on
the v4.1 CD). I then installed v4.1 along with SP1 for both the fw module
and mgmt module. (this is automatic) I then upgraded both the F
Shalom shlomi,
Yes, there is HA capabilities in the 4.0 platform. This does not extend to user
auth, or vpns. (Actually, to any of the security servers.)
You will require some third party product to handle the actual failover process, but
FireWall-1 does allow for the same sync.conf file in the
>
> > > > > > >
> > > > > > > Couldn't agree more. The ultra60 is such a nice desktop :). I fully
>believe
> > > > > > > in single purpose firewalls. Why waste cpu cycles on any other task.
> > > > > > >
&g
gree more. The ultra60 is such a nice desktop :). I fully believe
> > > > > > in single purpose firewalls. Why waste cpu cycles on any other task.
> > > > > >
> > > > > > Have you tried any gigbit adapters at fast ethernet speeds? (Or has
>an
ng
> > > > that the faster the drive, the faster the logging. Does that increase fw1
> > > > performance at all? I would think that it would at least reduce the memory
> > > > footprint a bit (If log entries are buffered in memory before being
> > > > wri
L PROTECTED]
> Sent: 2/10/01 11:23 PM
> Subject: Re: [FW1] FireWall-1 and Dual CPU machine
>
>
> Come on people, HOW MANY TIME DOES IT HAVE TO BE STATED-
>
> FIREWALL-1 IS NOT MULTITHREADED. If you run security servers, they can
> run multiple
> instances wit
ers at fast ethernet speeds? (Or has anyone?)
> > > > > I'm wondering if that is not the *best* way to get maximum performance.
> > > > >
> > > > > Has anybody got any references for how disk speed affects fw1? I'm assuming
> > > >
fw1
> > > performance at all? I would think that it would at least reduce
the memory
> > > footprint a bit (If log entries are buffered in memory before
being
> > > written.) Comments anyone?
> > >
> > > Cheers,
> > > Craig
> > >
>
ance at all? I would think that it would at least reduce the memory
> > > footprint a bit (If log entries are buffered in memory before being
> > > written.) Comments anyone?
> > >
> > > Cheers,
> > > Craig
> > >
> > > - Original Message
> > performance at all? I would think that it would at least reduce the memory
> > > footprint a bit (If log entries are buffered in memory before being
> > > written.) Comments anyone?
> > >
> > > Cheers,
> > > Craig
> > >
>
riginal Message -
> > From: "Peter Lukas" <[EMAIL PROTECTED]>
> > To: "Craig Skelton" <[EMAIL PROTECTED]>
> > Cc: "William Pope" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
> > <[EMAIL PROTECTED]>
> > Sent: T
;Craig Skelton" <[EMAIL PROTECTED]>
> Cc: "William Pope" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> Sent: Tuesday, February 06, 2001 6:43 AM
> Subject: Re: [FW1] FireWall-1 and Dual CPU machine
>
>
> > THis is pr
:
SiegeWorksWebSite: http://www.siegeworks.com/Security
Installation, Training and
Consulting-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-
- Original Message -
From:
Damon Starkey
To: 'Arie Gilboa' ; 'fw-1 Mailinglis'
Sent: Monday, February 05, 2001 7:15
AM
, 2001 6:00 PM
> To: Carric Dooley; [EMAIL PROTECTED];
> [EMAIL PROTECTED]
> Subject: Re: [FW1] Firewall-1 on Sun 220R, any problems?
>
>
>
> We use the 220R with only one processor and cluster them with
> Stonebeat. No
> problems. If you want a 220R as a mgmt server y
I installed on E220R. The performance is much better than my previous machine
(Ultra 2).
Rajesh.
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: [FW1] Firewall-1 on Sun 220R, any problems?
> Date: Tue, 6 Feb 2001 16:15:40 -0500
> MIME-Version: 1.0
>
>
> Hi all,
> Has any
-
From: "Carric Dooley" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, February 06, 2001 13:52
Subject: Re: [FW1] Firewall-1 on Sun 220R, any problems?
>
> I think the problem you will run into unless you have an internal mgt
> co
nt: Tuesday, February 06, 2001 5:21 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re: [FW1] Firewall-1 on Sun 220R, any problems?
>
>
>
>
> > How well do these boxes perform under a heavy load?
>
> Very well. I've installed a Rainwall Cluster,
> How well do these boxes perform under a heavy load?
Very well. I've installed a Rainwall Cluster, two E220R's the client had
a DS3 and plus 12 or so T-1's. They have a great amount of bandwidth but
not a great amount of load. I never saw the network go over 20Mbps.
=
us/
>
>
>
> > -Original Message-
> > From: Carric Dooley [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, February 06, 2001 4:52 PM
> > To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> > Subject: Re: [FW1] Firewall-1 on Sun 220R, any problems?
> >
> &g
[EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: [FW1] Firewall-1 on Sun 220R, any problems?
>
>
> I think the problem you will run into unless you have an internal mgt
> console with lots of disk is space. You can only put 2 drives
> in a 220R. If
> it's just an e
I think the problem you will run into unless you have an internal mgt
console with lots of disk is space. You can only put 2 drives in a 220R. If
it's just an engine, I have a site using a pair of 220R's with dual 450Mhz
CPU's - 1G of RAM (it never uses more than about 280MB), and it seems to
wor
e being
written.) Comments anyone?
Cheers,
Craig
- Original Message -
From: "Peter Lukas" <[EMAIL PROTECTED]>
To: "Craig Skelton" <[EMAIL PROTECTED]>
Cc: "William Pope" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Cc: "William Pope" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, February 06, 2001 9:43 AM
Subject: Re: [FW1] FireWall-1 and Dual CPU machine
>
> THis is precisely what the Nokia folks realized in their devices. A
> celeron with 6
Cc: "William Pope" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, February 06, 2001 9:43 AM
Subject: Re: [FW1] FireWall-1 and Dual CPU machine
>
> THis is precisely what the Nokia folks realized in their devices. A
> celeron with 6
Greetings!
Peter Lukas schrieb:
> celeron with 64MB is going to do just as well when pusing policy as a Sun
> Ultra60 (can you believe these are being used as firewalls? Nice graphics
> on your "headless" firewall).
This is why a E220R or Netra might be a better choice. Or a simple U5 as
Sun'
the doc id 1442 (white papers/ tech bulletins).
>
> Cheers,
> Craig
>
> ----- Original Message -
> From: "Peter Lukas" <[EMAIL PROTECTED]>
> To: "William Pope" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Monday, Februar
Hi Bob/All --
I did!!!
Here's what I can remember from the top of my head:
* Be sure you're running at least v4.0 SP3
* Determine if you want backward compatibility (the
ability to manage v4.0 and v3.0 firewalls). There are
special guidelines to follow if you do. I did NOT, so
I can't help yo
or the doc id 1442 (white papers/ tech bulletins).
Cheers,
Craig
- Original Message -
From: "Peter Lukas" <[EMAIL PROTECTED]>
To: "William Pope" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, February 05, 2001 6:42 PM
Subject: RE: [FW1] Fire
orm?
>
> Dan Guinn
> NetStar Communications
>
> -Original Message-
> From: Vincent, Mike [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 05, 2001 10:59 AM
> To: 'Damon Starkey '; ''Arie Gilboa' '; ''fw-1 Mailinglis'
al Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Vincent,
> Mike
> Sent: Monday, February 05, 2001 10:59 AM
> To: 'Damon Starkey '; ''Arie Gilboa' '; ''fw-1 Mailinglis' '
> Subject: RE: [FW1] FireWa
CTED]]On Behalf Of Vincent,
Mike
Sent: Monday, February 05, 2001 10:59 AM
To: 'Damon Starkey '; ''Arie Gilboa' '; ''fw-1 Mailinglis' '
Subject: RE: [FW1] FireWall-1 and Dual CPU machine
Checkpoint did release a multi-threaded device driver to acc
My understanding is that the main FW-1 driver is single-threaded, so it
does not take advantage of additional CPUs. Other minor CP processes
might be multi-threaded, but not enough to make a big difference.
I've read that the latest SP3 can be configured to use additional
processors as psuedo-V
What about on the RedHat platform?
Dan Guinn
NetStar Communications
-Original Message-
From: Vincent, Mike [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 05, 2001 10:59 AM
To: 'Damon Starkey '; ''Arie Gilboa' '; ''fw-1 Mailinglis' '
: Monday, February 05, 2001 18:20
To: Arie Gilboa; FW1 List (E-mail)
Subject: Re: [FW1] FireWall-1 and Dual CPU machine
Hi,
the firewall is programmed in a "single-threaded" manner, which in
effect means it doesn't use a second CPU. This answer concerns FW-1 4.0.
I don't thi
Hi,
the firewall is programmed in a "single-threaded" manner, which in
effect means it doesn't use a second CPU. This answer concerns FW-1 4.0.
I don't think that this changed.
Further I do not know whether e.g. the cryptographic stuff is also
single-threaded. I never inquired for that.
regards
Checkpoint did release a multi-threaded device driver to accelerate
encryption and decryption on SMP SPARC/Solaris and Windows NT systems.
-Original Message-
From: Damon Starkey
To: 'Arie Gilboa'; 'fw-1 Mailinglis'
Sent: 2/5/01 10:15 AM
Subject: RE: [FW1] Fir
At 09:43 AM 2/5/01, Arie Gilboa wrote:
Hello!,
I would like to instal CP-2000 on Dual CPU
Solaris machine.
Does CP-2000 software know to use more than one
CPU ?.
Yes.
Is there any
special configuration which should be done ?.
No.
Thanks,
Arie Gilboa
You're welcome.
-- Joe
I was told
no when I went through the Checkpoint Certification. It benefits from a good amount of memory.
Damon Starkey
Network Administrator
Digital Access Corporation
-Original
Message-
From: Arie Gilboa [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 05, 2001
9:44 A
I'm sure someone will correct me if I am wrong but it would seem to make
more sense to move your WWW and other servers to the DMZ, give them the
111.111.111.0 network and NAT your internal network. I am assuming you only
have one Class C network so are limited internally to the 256 addresses but
James,
thanks for this, however we actually have 8 /24 networks currently...but it
would take a lot more work to NAT the entire 256 address than to assign the
www et al illegal addressesbut I take on board what you've said and
consider it a bit more fully...so thanks.
My firewall current
PROTECTED]
Subject: RE: [FW1] Firewall to Firewall VPN
Try to define the FW1 object to be gateway and have all the interfaces
defined correctly on FW2 management station. Maybe FW2 receives the packet
that originates from the incorrect IP and rejects it.
Check to see if the shared secret match
Try to define the FW1 object to be gateway and have all the interfaces
defined correctly on FW2 management station. Maybe FW2 receives the packet
that originates from the incorrect IP and rejects it.
Check to see if the shared secret matches on both firewalls.
Cheers,
Michael.
-Original Me
Hi!
The URL with national characters in HTTP Query
(see RFC 2068 for details) is locked if
Content Security for HTTP is used :-(
"http://www.yandex.ru/yandsearch?text=Банк" - "Malformed request".
Best regards,
Igor Miturin
P.S. Sorry for my english.
- Original Message -
From: "Shadri
Personally I have never done such an upgrade. When ever I go through a
major version change I rebuild the box from scratch.
It clears out so much stuff (security / bugs / patches / old rules / ...)
and give you confidence in the system.
Rebuild the rules also as newer version come with a differe
Rales,
It depends on where it is coming from. If it have an static IP, you can
create a network object fro that workstation.
Create a rule:
SourceDestinationService
new object -> host behind FW -> PCAnywhere
Right click on the "Service" and Add, lo
Title: RE: [FW1] Firewall-1 and pcAnywhere v9.0
We do it. We have all the servers we want to control in a group and the pcAnywhere protocols are in a group.
Any SupportGrpServers pcAnywhereGrp accept long gateway
The pcAnywhereGrp group has the following protocols
Nokia System watch, ISS.
From: [EMAIL PROTECTED]
To: "Fw-1-Mailinglist (E-mail)" <[EMAIL PROTECTED]>
Subject: [FW1] Firewall Management
Date: Thu, 04 Jan 2001 09:26:48 +0800
Hi,
Goal
To fully managed Nokia Firewalls infrastructure in a large enterprise by
network
& system performance repor
I have been able to get this to work with 4.1SP2 on Solaris 7
with SR 4165, but much depends on the NAT device behind
which the SR client sits. I've tried it behind a Cisco 675 DSL
router, and can say conclusively that it only sometimes works.
Two SR clients behind the 675 will definitely *not* w
This did NOT get fixed in SP2. No time frame on when.
Kevin
-Original Message-
From: Kumar, Prashanth [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 15, 2000 12:19 PM
To: [EMAIL PROTECTED]
Subject: [FW1] firewall sp2 and securemote behind nat
Hi,
SP2 patch was supposed to fix t
Dan,
I just wanted to let you know that when I called, all I got was an answering
machine. Then I did not receive a call back. I had to send email to even
get a response from your company. That does not sound like improved service
to me.
I just wanted to let you know that I am less than impr
s,
Michael.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 01, 2000 11:00 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [FW1] FireWall-1, 4 connections, and a hammered processor
...
Hey Frank,
It's a pretty
kde.state.ky.us/
> -Original Message-
> From: Frank Darden [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 01, 2000 2:24 PM
> To: '[EMAIL PROTECTED]';
> [EMAIL PROTECTED]
> Subject: RE: [FW1] FireWall-1, 4 connections, and a hammered
> processor ...
>
>
>
You bet I have. However, I will need a bit more info on your
configuration.What
FW version, Are you using NAT? Where? When you say that you increased the
connection table, did you also increase the hash size as well? What exactly
did you change? If you could provide the info above, I may be able
[mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, November 14, 2000 8:44 PM
> To: Firebird
> Cc: Aylton Souza, CISSP; Oliver Ehrmann;
> [EMAIL PROTECTED]
> Subject: Re: [FW1] Firewall-1 cp2000 on soalris 8
>
> Hi All,
> Actually, my scenario is the firewall could work perfectly af
PROTECTED]
Subject: Re: [FW1] Firewall-1 cp2000 on soalris 8
Hi All,
Actually, my scenario is the firewall could work perfectly after i start
it
manually.(fwstart or using the /etc/rc3.d/S99firewall1). However, it just
can't
start automatically when the OS reboot. My server is actually
Hello Frank,
> But Xlibraries are still needed correct? (in order to display FW GUI) So
if he
> already has CDE installed
> and doesnt mind the performance hit with it running there should not be a
problem,
> security wise, correct?
When you have the Motif license and want to use the GUI
ked boot time root.
Volume Manager will have already started and mounted your mirrored volumes at that
point in the startup scripts.
Frank D'Urso
> - Original Message -
> From: "Yaw Yee Chong" <[EMAIL PROTECTED]>
> Sent: Wednesday, November 15, 2000 2:44 AM
ISSP" <[EMAIL PROTECTED]>; "Oliver Ehrmann"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, November 15, 2000 2:44 AM
Subject: Re: [FW1] Firewall-1 cp2000 on soalris 8
> Hi All,
> Actually, my scenario is the firewall could work perfe
t;
> > -Mensagem original-
> > De: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]Em nome de
> > Firebird
> > Enviada em: Tuesday, November 14, 2000 12:23 PM
> > Para: Oliver Ehrmann; Yaw Yee Chong;
> > [EMAIL PROTECTED]
> > Assunto: Re: [FW1]
> Enviada em: Tuesday, November 14, 2000 12:23 PM
> Para: Oliver Ehrmann; Yaw Yee Chong;
> [EMAIL PROTECTED]
> Assunto: Re: [FW1] Firewall-1 cp2000 on soalris 8
>
>
>
> Hello Oliver,
>
> It runs quite fine on my side, thought there're problem with
hrmann" <[EMAIL PROTECTED]>
To: "Yaw Yee Chong" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, November 14, 2000 3:24 PM
Subject: Re: [FW1] Firewall-1 cp2000 on soalris 8
>
> Hi,
>
> yes, you are using the wrong Solaris version. Checkpoint on
Hi,
yes, you are using the wrong Solaris version. Checkpoint only supports
Solaris up to version 7. When
I tried to run Firewall-1 on Solaris 8 my fwd crashed all the time.
Regards,
Oliver
- Original Message -
From: "Yaw Yee Chong" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tu
Elaborating on Jeff's response, make sure that you have not unchecked the
'Allow firewall-1 control connections' under policy properties without
having created a group of users (gui-clients) who will have access to the
mgt server.
CT
Amanda Acheson wrote:
When
I try to install a policy using my
It
sounds like you may be connecting to your management console through the
firewall, and the new policy blocks your GUI client session. Make sure
you're allowing FW1 traffic from your client PC to your management
console.
-Original Message-From: Amanda Acheson
[mailto:[EMAIL
mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 08, 2000 4:19 AM
To: 'Raghavan M Ramanujapuram';
'[EMAIL PROTECTED]'
Subject: RE: [FW1] Firewall-1 & Local Director HELP !!
I'm not clear on what you are want here. It sounds like you are trying to
get the firewall to do th
I'm not clear on what you are want here. It sounds like you are trying to
get the firewall to do the load balancing.
The three web servers are defined within a service on the LD and given an
loadbalancing IP address (plus the virtuals). If this address is not
internet legal, then you just nee
Billy,
Trust me, they do have to be separate. But if you are concerned about cost, and you
are, I presume from your mail-sig, an educational institution, you could call your
local checkpoint office and talk to someone about educational discount.
For SC, I believe you would call atlanta office..
Things seem to be missing, for example in user properties i do not have an
encryprion tab, any ideas?
Cheers
Richard
-Original Message-
From: Daniel Corod [mailto:[EMAIL PROTECTED]]
Sent: 12 October 2000 13:07
To: Thornton, Richard
Subject: Re: [FW1] Firewall-1 4.1 VPNs
You need
1 - 100 of 222 matches
Mail list logo
