[FW-1] AW: [FW-1] CP VPN-1/FW-1 R60 HFA03 - DCE-RPC --> Source IP commad

Subject:	[FW-1] AW: [FW-1] CP VPN-1/FW-1 R60 HFA03 - DCE-RPC --> Source IP commad
From:	"Verweyen, Dirk" <verweyen AT KEMPER DOT DE>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 20 Jun 2006 13:10:31 +0200

Hi,

i think that´s a problem with SmartDefense. Look
into the Configuration and try some settings.

Regards, Dirk 

> -----Ursprüngliche Nachricht-----
> Von: Information Technology [mailto:it AT KARENITA DOT DE] 
> Gesendet: Dienstag, 20. Juni 2006 12:58
> An: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Betreff: [FW-1] CP VPN-1/FW-1 R60 HFA03 - DCE-RPC --> Source IP commad
> 
> Hello,
> 
> last week, we upgrade from CheckPoint NG R55 to CheckPoint 
> NG-X R60 HFA03. Now we have problems with the microsoft 
> domain controler communication.
> 
> If the server A in our dmz to try to connect server B (domain 
> controler) we got often this alert:
> 
> Number: 192944
> Date: 19Jun2006
> Time: 16:35:13
> Product: SmartDefense
> Interface: eth-s1p2c0
> Origin: fw (192.168.1.1)
> Type: Alert
> Action: Reject
> Protocol: tcp
> Service: epmap-135 (135)
> Source: serverA (192.168.10.10)
> Destination: serverB (172.16.20.20)
> Source Port: 4740
> Attack Name: DCE-RPC Enforcement Violation Attack 
> Information: Source IP in port command is different than the Server IP
> 
> 
> Is there anybody who get this error message too??
> Is there anybody who know, how we can disable this check in 
> smart defense?
> 
> moelljoe
> 
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
> 

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] AW: [FW-1] CP VPN-1/FW-1 R60 HFA03 - DCE-RPC --> Source IP commad, Verweyen, Dirk <= Re: [FW-1] AW: [FW-1] CP VPN-1/FW-1 R60 HFA03 - DCE-RPC --> Source IP commad, Information Technology Re: [FW-1] AW: [FW-1] CP VPN-1/FW-1 R60 HFA03 - DCE-RPC --> Source IP commad, cisco4ng

Previous by Date:	[FW-1] Smart View Monitor NGX-R61 and IE6, Motta Corrado
Next by Date:	[FW-1] User autentication, Jørn Dahl-Stamnes
Previous by Thread:	[FW-1] Smart View Monitor NGX-R61 and IE6, Motta Corrado
Next by Thread:	Re: [FW-1] AW: [FW-1] CP VPN-1/FW-1 R60 HFA03 - DCE-RPC --> Source IP commad, Information Technology
Indexes:	[Date] [Thread] [Top] [All Lists]