Error :Tried to open a known service port(strange problem)

[munit_si@yahoo.com]

Experts,

I have a very strange problem here

I am getting this error , while making an ACtive FTP connection through the Firewall. It says port 5001 is being used in the erro, and makes smartdefense responsible for this as I have selected block all connections to all well defined services in Dynamic ports.



MY problem is , if go and search in my ports data base for TCP, there is no service defined on 5001, so is it a false positive or what ? why did checkpoint dropped the packets although there is no service defined on these dynamic ports used for port command in data connection.


Is disabling the option in smart defense a reliable solution(dynamic ports)



any help in this regard is highly appreciated

[RayPesek]

The problem with enabling that particular protection is when you have applications that use random ports, like Outlook on a remote laptop to an internal Exchange server.

I keep it off personally,

Ray

[munit_si@yahoo.com]

Thats fine , I got ur pointb ,but my question is why that particular services is not defined , then why we get this error at all.

Thanks
Munit

[jeetu_chaudhari]

Quote:

Originally Posted by RayPesek

The problem with enabling that particular protection is when you have applications that use random ports, like Outlook on a remote laptop to an internal Exchange server.

I keep it off personally,

Ray

Hi all Experts,

I was facing same problem then i tried according to checkpoint suggestion on
http://www.checkpoint.com/defense/ad...i-2003-11.html
Also i changed in dcerpc.def file as follows
#define ALLOW_135 0 to 1
But still it was not working,
Then when i disabled dynamic port protection mode it was working.
My Point is By disabling this what kind of attack can i expect & how should i prevent this ?
For protection temp. I blocked all 135 to 139 & 445 port on router.
Is it correct ?

Thanks,
Regards,
Jeetu