Re: [FW-1] Antwort: [FW-1] Microsoft-ds Traffic

Subject:	Re: [FW-1] Antwort: [FW-1] Microsoft-ds Traffic
From:	Alexander Simbun <alexals AT KKIPC DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 14 Mar 2006 17:21:46 +0800

Hi Thomas,

In your previous post as quote

"For a better performance on the intranet just add a second cleanup ruleat the end that rejects all the unauthorized traffic from the intranetto the internet."Do you mean the last rule of policies or it just a rule which rejectsall unauthorized traffic from intranet? Can you give a sample rule asyou mentioned in your previous post? I'm kinda curious here.


Thanks. Regards, Al.

Thomas Seher wrote:

Hi Claudia,

SmartDefense is intended to block irregular traffic, e.g. large ping
packets. It also blocks known attack ports.
The microsoft-ds traffic is regular, it would be interesting which site
should be contacted in the internet. When the destination IP starts with
207.46.a.b it's in most cases the automatic software update process that
tries to contact the Microsoft update sites.
For a better performance on the intranet just add a second cleanup rule at
the end that rejects all the unauthorized traffic from the intranet to the
internet. Then the clients get the RST packets an don't hold half open
sessions until the timeout occurs.

Mit freundlichen Grüßen/Kind regards/AttentamenteThomas Seher------------------------------------------------DEKRA AG* Abt.: HE22*Tel.: ++49 711 7861 2600 * Fax: ++49 711 7861 2241thomas.seher AT dekra DOT com * http://www.dekra.com------------------------------------------------

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [FW-1] Antwort: [FW-1] Microsoft-ds Traffic, Alexander Simbun <= [FW-1] Antwort: Re: [FW-1] Antwort: [FW-1] Microsoft-ds Traffic, Thomas Seher Re: [FW-1] Antwort: [FW-1] Microsoft-ds Traffic, Hal Dorsman

Previous by Date:	Re: [FW-1] Site to site VPN between CP NGX R60 and Fortigate, SIBEL MEREY
Next by Date:	[FW-1] Categorizing HTTP traffic, J K
Previous by Thread:	[FW-1] WSE0020008, Verweyen, Dirk
Next by Thread:	[FW-1] Antwort: Re: [FW-1] Antwort: [FW-1] Microsoft-ds Traffic, Thomas Seher
Indexes:	[Date] [Thread] [Top] [All Lists]