Re: [FW-1] SSL over FTP

Subject:	Re: [FW-1] SSL over FTP
From:	cisco4ng <cisco4ng AT YAHOO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 22 Mar 2005 18:39:11 -0800

What it means is that checkpoint tried to read the content inside the ftp 
session; however,
since the content is "encrypted" via SSL and checkpoint does not know or how to 
decrypt it,
it will think that this is an "attack" attempt.  If you go into smartdefense 
and under the ftp, go
into FTP bounce, and select "monitor only", your ftp over SSL will work.

cisco4ng

Raymond N <OutMail AT ARDENNET DOT COM> wrote:
I am using NG AI R55 Hotfix-12 on Nokia platform.
One of my users tries to do SSL over FTP with an external ftp server over
the Internet. The connection failed even at the control session (i.e. no
login prompt). Looking at the firewall log, the rule I have for outbound
ftp shows the traffic is allowed, but at the "Information" column, it has a
message about "Attack info: The packet was modified due to a potential
TELNET OPTIONS Bounce attack".

Can anyone tell me what this is? Again, the firewall log shows the traffic
is 'permit', but the ftp control session is still failed.

Thanks in advance for any info.

-raymond

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] SSL over FTP, Raymond N Re: [FW-1] SSL over FTP, cisco4ng <= Re: [FW-1] SSL over FTP, Raymond N Re: [FW-1] SSL over FTP, Previtera, Sal Re: [FW-1] SSL over FTP, Joe Pope Re: [FW-1] SSL over FTP, cisco4ng

Previous by Date:	Re: [FW-1] Managment Moving, Martin Hoz
Next by Date:	Re: [FW-1] SSL over FTP, Previtera, Sal
Previous by Thread:	[FW-1] SSL over FTP, Raymond N
Next by Thread:	Re: [FW-1] SSL over FTP, Raymond N
Indexes:	[Date] [Thread] [Top] [All Lists]