Hi
After an upgraded to R54 we experience the following problems.
Alert Rejects on rule 998, which is this CP specific client-to-server
DCE RPC error.
We followed the solution as discussed under:
http://www.checkpoint.com/securitycenter/advisories/2003/cpai-2003-11.html
which is:
1.) Create specific DCE-RPC rules with you UUID
2.) replace dcerpc.def
3.) modify table.def
4.) restart CP
Unfortunately nothing has changed! We still have the rejects. We
even put now the ALL_DCE_RPC service in the specific rule, but
it still doesn't work!
Now we read in the release notes of R55 that there are several issues
resolved
with the DCE-RPC.
Now our questions:
- How can we turn this SmartDefense stuff off for the DCE-RPC????
- Did we something wrong (see steps above or in the link)????
- Did anyone else experience similar problems???
- If we upgrade to R55 is it enought to upgrade the management server
or do we need to upgrade also all the nodes?????
Any help would be highly appreciated.
Regards
Philippp
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
