--- Alex Butcher <alexat_private> wrote: > > Carmelo Floridia wrote: > > How can i discover in a LAN the management module > > or the PC that run FW-1 GUI? > > You won't be able to discover the host running the > GUI other than by sniffing the network and finding a > host that's communicating with the > management module. IIRC, the protocol used is > 258/tcp. I've seen a couple incorrect postings to the list of the GUI->MC port number. Port 258 TCP is the traditional port that the MC listens on for GUI connections. Keep in mind that some deviant types (myself included) tunnel the GUI over SSH w/port forwarding, just to make life on the hackers harder, and provide an additional layer of auth. You might be able to infer which hosts run the GUI in a LAN w/o snooping by firewalking any firewall between the GUI and the MC. Ideally, MC's are behind firewalls themselves, not sitting around on the LAN. Ideally... As far as discovering the MC, it typically listens for multiple things besides the GUI client connection. For example, it listens for connections from VPN clients for topology downloads, IKE, cert stuff, etc... There's a whole range of ports from > 256 up thru 264, plus 900 and some others, OTTOMH. If you see a machine that fits this profile, you got a MC. Check www.phoneboy.com for the definitive list. Binky __________________________________________________ Terrorist Attacks on U.S. - How can you help? Donate cash, emergency relief information http://dailynews.yahoo.com/fc/US/Emergency_Information/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Sep 14 2001 - 12:15:42 PDT