 | ||
 SmartDefense Update CPAI-2006-033 / CVE-2006-1359 | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2006-03-27 | |||
| |||
 SmartDefense Update CPAI-2006-033 / CVE-2006-1359 I've noticed that CheckPoint has indicated that some performance degradation may occur (depending upon traffic types) after enabling this protection. Has anyone noticed any adverse effects after enabling? Thanks! Reference: CheckPoint: Protection Against Microsoft Internet Explorer createTextRange () Vulnerability http://www.checkpoint.com/defense/ad...ai-27-Mar.html Microsoft Security Advisory (917077) http://www.microsoft.com/technet/sec...ry/917077.mspx CVE: Common Vulnerabilities and Exposures http://cve.mitre.org/cgi-bin/cvename...=CVE-2006-1359 McAfee: Exploit-CreateTxtRng http://vil.mcafeesecurity.com/vil/content/v_139047.htm  |
| 2006-03-28 | |||
| |||
| Re: SmartDefense Update CPAI-2006-033 / CVE-2006-1359 Cisco is blaming CheckPoint in competitive cheat sheet in low performance. As far as i remember Cisco states that Checkpoint with SmartDefence enabled can do only 4Mbps of "real world traffic" (this is the traffic mixture Cisco with a help of third part consultants discover and use for simulations and tests) on a maximum equipped hardware!!! Cisco using this numbers aggresivly. For me this is unbelievable. Checkpoint is stating that all protocol inspections (e.g. HTTP inspection for example) are moved from Security Servers to the kernel and are "very fast". But I think such complex inspections cam move this inspections back to the Security Servers :| We have done in home performance testing some time ago. We have used eval version of the Ixia traffic generator. We have found no difference between to hosts routed over Cisco Catalyst 3550 Switch and the same hosts routed over CheckPoint NGX SPLAT (near Gig performance). Undoubtedly our test environment and traffic patterns was pretty simple. |
| 2006-03-28 | |||
| |||
| Re: SmartDefense Update CPAI-2006-033 / CVE-2006-1359 Follow up: After enabling this update, our external Outlook Web Access (OWA) users began complaining that they could no longer open emails. The list of messages appears and, after double-clicking on a particular email, the new window opens but the message never displays. We are running Exchange 2003. SmartView Tracker shows the traffic being dropped by SmartDefense and cites rule number 99812. Has anyone else experienced this problem? Also, I've noticed difficulty in posting to some forums on the Internet when this was enabled, but I didn't track the traffic to verify it was being dropped by the same rule number. Thanks! |
| 2006-03-28 | |||
| |||
| Re: SmartDefense Update CPAI-2006-033 / CVE-2006-1359 may be with will bw helpful https://secureknowledge.checkpoint.c....do?id=sk26226 "Strange rule numbers appear when enabling SmartDefense protections (i.e., 99500, 99520, 99801, etc.)." I didn't see you number in this article. But it exists next 99810 Microsoft Internet Explorer - Detected COM Object (MS05-054) Vulnerability |
| 2006-04-02 | |||
| |||
| Re: SmartDefense Update CPAI-2006-033 / CVE-2006-1359 Quote:
|
| 2006-04-18 | |||
| |||
| Re: SmartDefense Update CPAI-2006-033 / CVE-2006-1359 Although I have not yet received an update on my CheckPoint case, Microsoft has issued KB912812 to address the "Internet Explorer createTextRange () Vulnerability". The bad news: Microsoft released this as a cumulative security update, which includes the changes made by KB912945. This is the patch that adversely affects ActiveX. The quasi-good news is: Microsoft has granted a temporary "reprieve" on these ActiveX changes with the release of KB917425, which reverses the change made by KB912945--but only until sometime in June. Summary: KB912945 - ActiveX Changes KB912812 - Addresses "Internet Explorer createTextRange () Vulnerability", as well as others. Also includes the ActiveX changes of KB912945. KB917425 - Temporarily reverses ActiveX changes of KB912945/KB912812 Reference: Microsoft Security Bulletin MS06-013 http://www.microsoft.com/technet/sec.../MS06-013.mspx MS06-013: Cumulative security update for Internet Explorer http://support.microsoft.com/?kbid=912812 Internet Explorer ActiveX update http://support.microsoft.com/kb/912945 Internet Explorer ActiveX compatibility patch for Mshtml.dll http://support.microsoft.com/kb/917425/ |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
