Firewall Wizards mailing list archives
Re: Ports 256,257,258 open on FW-1
From: "Ryan Russell" <Ryan.Russell () sybase com>
Date: Fri, 11 Dec 1998 14:07:30 -0800
That means you've got "allow fw-1 control connections" turned on in the properties screen. Despite the original FW-1 docs, that's a bad thing. Check: http://www.checkpoint.com/techsupport/snmp/config/snmpindex.html Ryan John Lauderdale <hkit () hk super net> on 12/10/98 07:59:31 PM Please respond to John Lauderdale <hkit () hk super net> To: firewall-wizards () nfr net cc: (bcc: Ryan Russell/SYBASE) Subject: Ports 256,257,258 open on FW-1 I notice that ports 256,257,and 258 are open when our Firewall-1 is portscanned. Does anyone know what FW-1 uses these ports for? Should those ports be visible from the Internet? Regards, John Received: from tunnel.sybase.com ([130.214.231.88]) by ibwest.sybase.com (Lotus SMTP MTA Internal build v4.6.2 (651.2 6-10-1998)) with SMTP id 882566D7.00627F6F; Fri, 11 Dec 1998 09:55:51 -0800 Received: from smtp1.sybase.com (smtp1 [130.214.220.35]) by tunnel.sybase.com (8.8.4/8.8.4) with SMTP id JAA03683; Fri, 11 Dec 1998 09:55:52 -0800 (PST) Received: from halon.sybase.com by smtp1.sybase.com (4.1/SMI-4.1/SybH3.5-030896) id AA24015; Fri, 11 Dec 98 09:56:25 PST Received: from nfr.net (tower.nfr.net [208.196.145.10]) by halon.sybase.com (8.8.4/8.8.4) with ESMTP id JAA25366; Fri, 11 Dec 1998 09:54:52 -0800 (PST) Received: (from lists@localhost) by nfr.net (8.8.8/8.8.8) id KAA23370 for firewall-wizards-outgoing; Fri, 11 Dec 1998 10:15:01 -0600 (CST) Received: (from fwiz@localhost) by nfr.net (8.8.8/8.8.8) id KAA23365 for firewall-wizards () nfr net; Fri, 11 Dec 1998 10:14:58 -0600 (CST) Received: from mongkok.hk.super.net (mongkok.hk.super.net [202.14.67.46]) by nfr.net (8.8.8/8.8.8) with ESMTP id VAA05140 for <firewall-wizards () nfr net>; Thu, 10 Dec 1998 21:58:13 -0600 (CST) Received: from kwaifong.hk.super.net (root () kwaifong hk super net [202.14.67.7]) by mongkok.hk.super.net (8.8.8/8.8.8) with ESMTP id LAA08690 for <firewall-wizards () nfr net>; Fri, 11 Dec 1998 11:59:33 +0800 (HKT) Received: from is3.hk.super.net (hkit () is3 hk super net [202.14.67.36]) by kwaifong.hk.super.net with SMTP id LAA14018 for <firewall-wizards () nfr net>; Fri, 11 Dec 1998 11:59:33 +0800 (HKT) Date: Fri, 11 Dec 1998 11:59:31 +0800 (HKT) From: John Lauderdale <hkit () hk super net> To: firewall-wizards () nfr net Subject: Ports 256,257,258 open on FW-1 Message-Id: <Pine.SUN.3.95.981211115321.1505A-100000 () is3 hk super net> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-firewall-wizards () nfr net Precedence: bulk Reply-To: John Lauderdale <hkit () hk super net>
Current thread:
- Re: Ports 256,257,258 open on FW-1, (continued)
- Re: Ports 256,257,258 open on FW-1 Chris Brenton (Dec 14)
- Re: Ports 256,257,258 open on FW-1 Dave Whitlow (Dec 15)
- Re: Ports 256,257,258 open on FW-1 Chris Brenton (Dec 15)
- Re: Ports 256,257,258 open on FW-1 Randolf-Heiko Skerka (Dec 15)
- Re: Ports 256,257,258 open on FW-1 Dave Whitlow (Dec 15)
- Re: Ports 256,257,258 open on FW-1 Darren Reed (Dec 14)
- Re: Ports 256,257,258 open on FW-1 Peter J. Cherny (Dec 15)
- Re: Ports 256,257,258 open on FW-1 Lart (Dec 15)
- RE: Ports 256,257,258 open on FW-1 Joe Ippolito (Dec 18)
- Re: Ports 256,257,258 open on FW-1 mark s. kassem (Dec 12)
- RE: Ports 256,257,258 open on FW-1 Houser David DW (Dec 14)
- Re: Ports 256,257,258 open on FW-1 Ryan Russell (Dec 14)
- Re: Ports 256,257,258 open on FW-1 Bruce B. Platt (Dec 18)
- Re: Ports 256,257,258 open on FW-1 jgalvin (Dec 22)
- RE: Ports 256,257,258 open on FW-1 Bruce B. Platt (Dec 24)
- Re: Ports 256,257,258 open on FW-1 jgalvin (Dec 22)
- RE: Ports 256,257,258 open on FW-1 jgalvin (Dec 24)
- RE: Ports 256,257,258 open on FW-1 Scot Anderson (Dec 26)
- Re: Ports 256,257,258 open on FW-1 Neil Buckley (Dec 28)
- RE: Ports 256,257,258 open on FW-1 Moser, Stefan (Dec 29)
- Re: Ports 256,257,258 open on FW-1 Chris Brenton (Dec 14)