Disable the control & remote access connection implied rules and manually
create just the rules you need with the appropriate source and destination.
Be in for some pain, though, and make sure you go through the SK
knowledgebase looking for many articles on how to do this properly.
Ray
From: Cheong Ket Vin <ketvin AT SILICON.COM DOT MY>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Closing port 18264
Date: Thu, 2 Jun 2005 18:05:09 +0800
Hi list,
We ran a penetration test lately on Checkpoint FP3 running on a Nokia IP350 box
and found that port 18264 is currently open.
I knew that 18264/tcp is FW1_ica_services for CheckPoint Internal CA to fetch
CRL and User Registration Services. But is there any way to shut down that port
on the interface facing the internet?
Thanks
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================