This has to be done in a different way from the main thrust of firewall
technology. It involves analysis of bitstream content - and this is an extra.
Is this true? CVP - the checkpoint Content Vectoring Protocol is a way of
routing internet content (rather than connection) to another checkpoint - a
filter that analyzes the bitstream for signatures (which can change
insignificantly and render the detection filter stupid). This is another
world, another server and another form of internet security technology that is
still embryonic. If your requirement is dropping .exe email attachments then
there are solutions (like exescan). I would love to know how to filter out
http port 80 tunnels that have malicious intent.
G
________________________________
From: Mailing list for discussion of Firewall-1 on behalf of Ilker AKSU
Sent: Thu 2005/06/09 04:22 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] .mp3 , .exe
how
----- Original Message -----
From: "Jean-Francois Gobin" <gobin AT GOBINJF DOT BE>
To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Sent: Thursday, June 09, 2005 5:15 PM
Subject: Re: [FW-1] .mp3 , .exe
> You can configure a resource or define it in the "Worm catcher"
>
> jF
>
>
> On Thu, 9 Jun 2005, Ilker AKSU wrote:
>
> > How can I block, mp3, or exe files. I have Checkpoint NG
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
> >
>
> ----------
> Jean-Francois Gobin - Administrateur gobinjf.be
> http://www.gobinjf.be mailto:gobin AT gobinjf DOT be
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
