CPUG - The Check Point User Group
A Resource For The Check Point Community. Fast. Useful. Independent.
Hi All,

I find the Check Point NGX has a list of TCP ports open from 1035 to 1042, 1071, etc. I tried to telnet to the ports and got some banners like:

"220 Check Point Firewall-1 Secure FTP server running on xxx"
"Check Point Firewall-1 authenticated Telnet server running on xxx"
"Check Point Firewall-1 authenticated RLogin server running on xxx"

I think it is the security server feature that opened the ports, but I checked the firewall and found these features were not enabled before. Any idea on how to disable them? Thanks in advance.

..peter
Just create a rule that disallows connecting to those service(s), e.g. telnet auth:

source: any  dest: gw  service: FW1_clntauth_telnet  action: drop

Set the rule(s) at the top of your ruleset.
__________________
misery is optional
Edit fwauthd.conf in $FWDIR/conf, locate the ports you want to remove (e.g. 259) and remove the entire line, run cpstop, cpstart, and the service is gone.
__________________
misery is optional

Last edited by Porter; 2006-11-17 at 03:21.
Hi,

Creating a rule can block the traffic; however, the port is still in listen mode, so I prefer a way to stop the unnecessary process. The fwauthd.conf (see below) only has very few ports; I can't find those ports 1038...1042.

```
21 fwssd in.aftpd wait 0
80 fwssd in.ahttpd wait -4
513 fwssd in.arlogind wait 0
25 fwssd in.asmtpd wait 0
23 fwssd in.atelnetd wait 0
259 fwssd in.aclientd wait 259
10081 fwssd in.lhttpd wait 0
900 fwssd in.ahclientd wait 900
0 fwssd in.pingd respawn 0
0 fwssd in.asessiond respawn 0
0 fwssd in.aufpd respawn 0
0 vpn vpnd respawn 0
0 fwssd mdq respawn 0
0 stormd stormd respawn 0
0 sds sdsd respawn 0
0 dtps dtpsd respawn 0
0 dtls dtlsd respawn 0
```

rgds..
..peter
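The fwauthd.conf edit Porter describes, applied to a copy of the file peter pasted: an added example, not code from the thread or from Check Point. It assumes the five-field line layout shown in the paste (port, daemon, name, wait/respawn, flag) and that the live file is $FWDIR/conf/fwauthd.conf as named above; the sample input is constructed from the paste. Matching is on the whole port field, so removing 25 does not also take out 259 or 10081.

```shell
#!/bin/sh
# Edit a copy of fwauthd.conf by port number (added example; assumes the
# "<port> <daemon> <name> <wait|respawn> <flag>" layout seen in the thread).

# Constructed sample: the first ten entries of the fwauthd.conf pasted above.
SAMPLE_FWAUTHD='21 fwssd in.aftpd wait 0
80 fwssd in.ahttpd wait -4
513 fwssd in.arlogind wait 0
25 fwssd in.asmtpd wait 0
23 fwssd in.atelnetd wait 0
259 fwssd in.aclientd wait 259
10081 fwssd in.lhttpd wait 0
900 fwssd in.ahclientd wait 900
0 fwssd in.pingd respawn 0
0 fwssd in.asessiond respawn 0'

# List the ports fwauthd.conf will bind, sorted, space separated.
# Port 0 entries are respawned helper daemons, not TCP listeners, so they
# are skipped; this is the quick audit to run before and after an edit.
fwauthd_listen_ports() {
    awk '$1 ~ /^[0-9]+$/ && $1 != 0 { print $1 }' "$1" \
        | sort -n | tr '\n' ' ' | sed 's/ $//'
}

# Write a copy of fwauthd.conf with the entries for the given ports removed.
# The port list is padded with spaces so only a whole first field matches.
# Usage: fwauthd_drop_ports <in-file> <out-file> <port>...
fwauthd_drop_ports() {
    in="$1"; out="$2"; shift 2
    drop=" $* "
    awk -v drop="$drop" 'index(drop, " " $1 " ") == 0' "$in" > "$out"
}

# Demo on the constructed sample. On a gateway: copy $FWDIR/conf/fwauthd.conf,
# run fwauthd_drop_ports on the copy, review it, put it in place, then
# cpstop / cpstart as Porter says.
tmp_in="${TMPDIR:-/tmp}/fwauthd.sample.$$"
tmp_out="${TMPDIR:-/tmp}/fwauthd.edited.$$"
printf '%s\n' "$SAMPLE_FWAUTHD" > "$tmp_in"
fwauthd_drop_ports "$tmp_in" "$tmp_out" 25 259
echo "listeners before: $(fwauthd_listen_ports "$tmp_in")"
echo "listeners after:  $(fwauthd_listen_ports "$tmp_out")"
rm -f "$tmp_in" "$tmp_out"
```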
rlogin and the secure ftp server are not started by default, only when you have rules using resources somewhere in your ruleset.
__________________
misery is optional
Have a look at the global properties and disable all options. Then specify all the specific ports you require in the policy rules. NB: ensure the rule(s) you create for the services you need are above the stealth rule.