FireWall allows remote "get topology" request

Hi all,

Kindly help me remove a vulnerability in Check Point. I recently did a vulnerability assessment on the Check Point mgmt server segment; I placed the scanning machine in the same segment as the mgmt server. The following low vulnerability is shown in the scan report:

Fw1GettopoNoauth: FireWall-1 allows remote "get topology" requests without authentication

The Check Point FireWall-1/VPN-1 SecuRemote client requires knowledge of a network's topology before it can negotiate a VPN (Virtual Private Network) connection. SecuRemote clients prior to version 4.0 do not encrypt or authenticate connections to the SecuRemote Server, which could expose possibly sensitive network topology information to remote attackers. The client and server of SecuRemote version 4.1 support string authentication and encryption of this data, but by default permit weaker, less secure connections for backward compatibility. An attacker could take advantage of these weaker connections to obtain sensitive network topology information.

Remedy

Disable the FireWall-1 option "Respond to Unauthenticated Cleartext Topology Requests". To disable this option from the FireWall-1 Policy Editor:

1. Open the FireWall-1 Policy Editor.
2. Select Policy --> Properties.
3. Click the Desktop Security tab.
4. Clear the "Respond to Unauthenticated Cleartext Topology Requests" check box.

I am not able to find the remedy which is mentioned above. If anyone knows, please reply to me.

Thanks,
jeetu