Firewall Wizards mailing list archives

Re: Ports 256,257,258 open on FW-1

From: "Ryan Russell" <Ryan.Russell () sybase com>
Date: Fri, 11 Dec 1998 14:07:30 -0800


That means you've got "allow fw-1 control connections"
turned on in the properties screen.  Despite the
original FW-1 docs, that's a bad thing.  Check:

http://www.checkpoint.com/techsupport/snmp/config/snmpindex.html

                    Ryan





John Lauderdale <hkit () hk super net> on 12/10/98 07:59:31 PM

Please respond to John Lauderdale <hkit () hk super net>

To:   firewall-wizards () nfr net
cc:    (bcc: Ryan Russell/SYBASE)
Subject:  Ports 256,257,258 open on FW-1




I notice that ports 256,257,and 258 are open when our Firewall-1 is
portscanned.

Does anyone know what FW-1 uses these ports for?

Should those ports be visible from the Internet?

Regards,
John



Received: from tunnel.sybase.com ([130.214.231.88]) by ibwest.sybase.com
(Lotus SMTP MTA Internal build v4.6.2  (651.2 6-10-1998)) with SMTP id
882566D7.00627F6F; Fri, 11 Dec 1998 09:55:51 -0800
Received: from smtp1.sybase.com (smtp1 [130.214.220.35])
          by tunnel.sybase.com (8.8.4/8.8.4) with SMTP
       id JAA03683; Fri, 11 Dec 1998 09:55:52 -0800 (PST)
Received: from halon.sybase.com by smtp1.sybase.com
(4.1/SMI-4.1/SybH3.5-030896)
     id AA24015; Fri, 11 Dec 98 09:56:25 PST
Received: from nfr.net (tower.nfr.net [208.196.145.10])
          by halon.sybase.com (8.8.4/8.8.4) with ESMTP
       id JAA25366; Fri, 11 Dec 1998 09:54:52 -0800 (PST)
Received: (from lists@localhost)
     by nfr.net (8.8.8/8.8.8) id KAA23370
     for firewall-wizards-outgoing; Fri, 11 Dec 1998 10:15:01 -0600 (CST)
Received: (from fwiz@localhost)
     by nfr.net (8.8.8/8.8.8) id KAA23365
     for firewall-wizards () nfr net; Fri, 11 Dec 1998 10:14:58 -0600 (CST)
Received: from mongkok.hk.super.net (mongkok.hk.super.net [202.14.67.46])
     by nfr.net (8.8.8/8.8.8) with ESMTP id VAA05140
     for <firewall-wizards () nfr net>; Thu, 10 Dec 1998 21:58:13 -0600 (CST)
Received: from kwaifong.hk.super.net (root () kwaifong hk super net
[202.14.67.7])
     by mongkok.hk.super.net (8.8.8/8.8.8) with ESMTP id LAA08690
     for <firewall-wizards () nfr net>; Fri, 11 Dec 1998 11:59:33 +0800 (HKT)
Received: from is3.hk.super.net (hkit () is3 hk super net [202.14.67.36])
        by kwaifong.hk.super.net with SMTP
     id LAA14018 for <firewall-wizards () nfr net>; Fri, 11 Dec 1998 11:59:33
+0800 (HKT)
Date: Fri, 11 Dec 1998 11:59:31 +0800 (HKT)
From: John Lauderdale <hkit () hk super net>
To: firewall-wizards () nfr net
Subject: Ports 256,257,258 open on FW-1
Message-Id: <Pine.SUN.3.95.981211115321.1505A-100000 () is3 hk super net>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-firewall-wizards () nfr net
Precedence: bulk
Reply-To: John Lauderdale <hkit () hk super net>

Current thread:

Re: Ports 256,257,258 open on FW-1, (continued)
- Re: Ports 256,257,258 open on FW-1 Chris Brenton (Dec 14)
  - Re: Ports 256,257,258 open on FW-1 Dave Whitlow (Dec 15)
    - Re: Ports 256,257,258 open on FW-1 Chris Brenton (Dec 15)
  - Re: Ports 256,257,258 open on FW-1 Randolf-Heiko Skerka (Dec 15)
- Re: Ports 256,257,258 open on FW-1 Darren Reed (Dec 14)
- Re: Ports 256,257,258 open on FW-1 Peter J. Cherny (Dec 15)
- Re: Ports 256,257,258 open on FW-1 Lart (Dec 15)
  - RE: Ports 256,257,258 open on FW-1 Joe Ippolito (Dec 18)
- Re: Ports 256,257,258 open on FW-1 mark s. kassem (Dec 12)
- RE: Ports 256,257,258 open on FW-1 Houser David DW (Dec 14)
- Re: Ports 256,257,258 open on FW-1 Ryan Russell (Dec 14)
- Re: Ports 256,257,258 open on FW-1 Bruce B. Platt (Dec 18)
  - Re: Ports 256,257,258 open on FW-1 jgalvin (Dec 22)
    - RE: Ports 256,257,258 open on FW-1 Bruce B. Platt (Dec 24)
- RE: Ports 256,257,258 open on FW-1 jgalvin (Dec 24)
  - RE: Ports 256,257,258 open on FW-1 Scot Anderson (Dec 26)
  - Re: Ports 256,257,258 open on FW-1 Neil Buckley (Dec 28)
- RE: Ports 256,257,258 open on FW-1 Moser, Stefan (Dec 29)