CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We've just added two more speakers!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 6/9, 7/14, 8/25, 10/6, 11/3, 12/8.
3. We have new forums in Portuguese and German (see below).
4. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
5. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > Services
Reload this Page "tried to open a known service port"
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2007-08-02
infrared013 infrared013 is offline
Junior Member
  
Join Date: 2006-05-23
Posts: 9
infrared013 has an average reputation (10+)
Default "tried to open a known service port"
I am hoping someone might be able to shed some light on an issue one of my customers recently having. During an FTP session the connection drops randomly and in the logs I see a rejected packet where the source port ha changed to something very bizarre such as edonkey_4661, shadyshell, subseven-g etc etc....we disabled the "prevent known port checking" in smart defense however the problem still continues.

If anyone has any information it would be greatly appreciated.

Thanks
Reply With Quote
  #2 (permalink)  
Old 2007-08-02
Danielpb Danielpb is offline
Senior Member
  
Join Date: 2006-10-23
Posts: 131
Danielpb has an average reputation (10+)
Default Re: "tried to open a known service port"
Hi
Just to make sure Smart Defense is not stopping the ftp port you could try and create a new ftp services but with out any of the advance settings configured.

then use the services in the rule base.

see if that makes any difference
Reply With Quote
  #3 (permalink)  
Old 2007-08-02
RayPesek RayPesek is offline
Senior Member
  
Join Date: 2006-03-19
Location: Northern Ohio
Posts: 835
RayPesek has an average reputation (10+)
Default Re: "tried to open a known service port"
Look for a SD setting for "allow connections to defined service ports" or something like that. As I recall, it's a three radio button selection and the default is not what you want. You want it allowed.

Ray
Reply With Quote
Reply

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -7. The time now is 10:53.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0