Re: [FW-1] .mp3 , .exe

Subject:	Re: [FW-1] .mp3 , .exe
From:	Charalambos Klitiropoulos <klitiro AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 10 Jun 2005 20:08:35 +0300

No matter how good of a firewall FW-1 is, it still has its
limitations. Although FW-1 was originally a stateful packet inspecting
firewall, it has evolved to be also an application layer firewall, but
only for a few protocols. With FW-1 (alone) you can inspect HTTP, FTP,
SMTP and SMB sessions. From these four, you can block files over HTTP,
FTP and SMTP sessions. The problem is that FW-1 can recognize files
only from their filenames or extensions. For example, you can
configure FW-1 to drop an HTTP request for *.exe files, but it will
not recognize a .exe file renamed to .txt.  If you need more control,
what you need is some sort of content checking server (HTTP proxy,
mail relay etc) or a CVP product, like Van Wageningen Gerhard
suggests. With the latter solutions you have the advantage of dropped
connections being logged in FW-1's log (if you would like that).

On 6/9/05, Ilker AKSU <ilker.aksu AT kaner DOT net> wrote:
> How can I block, mp3, or exe files. I have Checkpoint NG
> 
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] .mp3 , .exe, Ilker AKSU Re: [FW-1] .mp3 , .exe, Jean-Francois Gobin Re: [FW-1] .mp3 , .exe, Ilker AKSU Re: [FW-1] .mp3 , .exe, Charalambos Klitiropoulos <= Re: [FW-1] .mp3 , .exe, Van Wageningen Gerhard <gerhardv AT sun.ac DOT za> [FW-1] Smart Dashboard Error, Robert Lagazo Re: [FW-1] Smart Dashboard Error, Ray

Previous by Date:	Re: [FW-1] is it possible to configure HideNAT in PIX ?, Karthik Chandrashekar
Next by Date:	Re: [FW-1] SmartView Status fails to start, Mark Senior
Previous by Thread:	Re: [FW-1] .mp3 , .exe, Ilker AKSU
Next by Thread:	Re: [FW-1] .mp3 , .exe, Van Wageningen Gerhard <gerhardv AT sun.ac DOT za>
Indexes:	[Date] [Thread] [Top] [All Lists]