On Wed, 11 Jul 2001, Johan Lindqvist wrote: > The original advisory > (http://www.inside-security.de/advisories/fw1_rdp.html) says that a > workaround is to "Deactivate implied rules in the Check Point policy editor > (and build your own rules for management connections).". I've not been able > to find any changes in the INSPECT code generated to confirm that not using > the implied rules from "Policy/properties/Security policy/Implied > rules/Accept VPN-1 & FireWall-1 Control Connection" If you run nmap against FW-1 you will notice different behaviour. Hugo. -- All email send to me is bound to the rules described on my homepage. hvdkooijat_private http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger.
This archive was generated by hypermail 2b30 : Thu Jul 12 2001 - 00:18:35 PDT