Firewall Wizards mailing list archives
RE: port 256/257 and firewall-1
From: Scott Blake <blake () netegrity com>
Date: Wed, 22 Oct 1997 09:33:47 -0400
I concur with Errol. I've done some limited testing of these ports and they appear to be reasonably safe against DoS attacks (I'd love to hear if someone knows otherwise).

You should note that the FireWall-1 Control Connections include UDP on ports 161 (snmp) and 260 (fw-1 snmp). Unchecking the box will also disable SNMP on the interfaces you don't explicitly open.

-s

Scott Blake, Network Security Architect
Netegrity, Inc.
blake () security com
-----Original Message-----
From: Weiss, Errol S. [SMTP:errol () cip saic com]
Sent: Sunday, October 19, 1997 2:09 AM
To: George Wang; firewall-wizards () nfr net
Subject: RE: port 256/257 and firewall-1

My take on this, from Checkpoint, is that the ports are "proprietary" Checkpoint ports and provide:

1) Firewall module and management station services
2) Download of the rule base
3) Systems status

The services can be disabled under the Firewall Policy/Properties and uncheck the "Accept Firewall-1 Control Connection" box. I certainly wouldn't have the ports accessible on an untrusted interface.

Errol

Errol S. Weiss
errol () cip saic com
SAIC Center for Information Protection
(703) 556-7366 Office
(800) CIP-1214 CIP-Central
(888) 602-4537 Pager
http://www.saic.com/internet/cyber_security.html

-----Original Message-----
From: George Wang [SMTP:wangw () SINGNET COM SG]
Sent: Thursday, October 16, 1997 8:46 AM
To: firewall-wizards () nfr net
Subject: port 256/257 and firewall-1

Hi,

I have configured the firewall-1's policy to only pass DNS and WWW, however when I do a port scan from external side, it reveals that ports 256/257 TCP are also open. I think it's for firewall-1's control module. Could anyone tell me whether there is any risk for this and is it necessary to explicitly add a filtering rule to reject pkts destined for these ports from external side?

Thanks for any advice.
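A check for the situation discussed in this thread, added here as an example and not part of any poster's message: it reads the results of a scan of your own firewall's external address and reports any of the control-connection ports named above (TCP 256/257, UDP 161/260) that are not closed or filtered. It assumes the scan was saved in nmap's grepable (-oG) format, which the thread does not specify; the sample scan text, addresses and function name are constructed.

```python
import re

# FireWall-1 control-connection ports named in the thread.
CONTROL_PORTS = {
    ("tcp", 256): "fw-1 control connection",
    ("tcp", 257): "fw-1 control connection",
    ("udp", 161): "snmp",
    ("udp", 260): "fw-1 snmp",
}

# Constructed sample in nmap grepable (-oG) format; addresses are documentation ranges.
SAMPLE_SCAN = (
    "# constructed sample, not real scan data\n"
    "Host: 192.0.2.1 ()\tPorts: 53/open/tcp//domain///, 80/open/tcp//http///, "
    "256/open/tcp/////, 257/open/tcp/////, 161/open|filtered/udp//snmp///, "
    "260/closed/udp/////\n"
    "Host: 192.0.2.2 ()\tPorts: 53/open/tcp//domain///, 80/open/tcp//http///, "
    "256/filtered/tcp/////\n"
)

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\([^)]*\)\s+Ports:\s+(.*)$")

def exposed_control_ports(grepable_text):
    """Return {host: [(proto, port, state, label), ...]} for reachable control ports."""
    findings = {}
    for line in grepable_text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port data
        host, ports_field = m.groups()
        ports_field = ports_field.split("\t")[0]  # drop any trailing tab-separated fields
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if len(fields) < 3 or not fields[0].isdigit():
                continue
            port, state, proto = int(fields[0]), fields[1], fields[2]
            label = CONTROL_PORTS.get((proto, port))
            # "open|filtered" (typical for UDP) means no reply came back:
            # report it as possibly reachable rather than assuming it is blocked.
            if label and state.startswith("open"):
                findings.setdefault(host, []).append((proto, port, state, label))
    return findings

if __name__ == "__main__":
    for host, hits in exposed_control_ports(SAMPLE_SCAN).items():
        for proto, port, state, label in hits:
            print(f"{host}: {port}/{proto} {state} ({label})")
```

A host with no findings, like the second constructed host, is one where the control ports are closed or filtered on the scanned interface.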
Current thread:
- port 256/257 and firewall-1 George Wang (Oct 17)
- <Possible follow-ups>
- RE: port 256/257 and firewall-1 Weiss, Errol S. (Oct 19)
- RE: port 256/257 and firewall-1 Scott Blake (Oct 22)
- RE: port 256/257 and firewall-1 Paul D. Robertson (Oct 23)