Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication

Subject:	Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication
From:	Dion-ben Hendriks <D.Hendriks AT INFO.UMCN DOT NL>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 29 Apr 2005 09:06:08 +0200

Hi Michel,

Yes its clear text, and Yes you can make it secure with https..
You should edit $CPDIR/conf/fwathd.conf and add a line like
950     fwssd       in.ahclientd    wait    950 ssl:defaultCert

this starts https:// clientauthb at port 950 with the defaultCert as 
certificate.

Dion

> -----Oorspronkelijk bericht-----
> Van: Mailing list for discussion of Firewall-1
> [mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]Namens Michel
> Lapointe
> Verzonden: donderdag 28 april 2005 17:23
> Aan: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Onderwerp: [FW-1] How to secure/encrypt HTTP/Telnet client
> authentication
>
>
> Hello,
>
>         I would like to know checkpoint client authentication
> over port
> 259(telnet) or 900(http) is secured or does it transmit username and
> password in cleartext?
>
>         If it does transmit in clear text, is it possible to secure it
> like implementing https on port 900 or any other port?
>
> Thank
>
> Michel Lapointe
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
>
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] How to secure/encrypt HTTP/Telnet client authentication, Michel Lapointe Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication, Konstantin M. Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication, Dion-ben Hendriks <= Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication, Michel Lapointe [FW-1] Tool to testing Ports with TTL, Mike Feetham Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication, Michel Lapointe

Previous by Date:	[FW-1] Mac VPN client seems to cause routing issues on OS 10.3.9, Alan Choyna
Next by Date:	Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication, Konstantin M.
Previous by Thread:	Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication, Konstantin M.
Next by Thread:	Re: [FW-1] How to secure/encrypt HTTP/Telnet client authentication, Michel Lapointe
Indexes:	[Date] [Thread] [Top] [All Lists]