(Checkpoint NG) Which ports come under Service "ANY"?
on 05.01.2007 17:04:52 by Subi
Admins,
Strange but I have not come across a single document that explains what
are all the services that would come if we enable "ANY" under Service
for a Security Rule.
I started searching for this when users reported that they are unable
to use Terminal services (TCP Port 3389) whilst I can see service "ANY"
has been enabled for their traffic.
"ANY" - allows only Known ports (1-1024)??
Does "ANY" include ICMP traffic too??
Curious to be enlightened. Thanks in advance.
Re: (Checkpoint NG) Which ports come under Service "ANY"?
on 05.01.2007 18:23:37 by dogbert
Subi wrote:
> Admins,
>
> Strange but I have not come across a single document that explains what
> are all the services that would come if we enable "ANY" under Service
> for a Security Rule.
>
> I started searching for this when users reported that they are unable
> to use Terminal services (TCP Port 3389) whilst I can see service "ANY"
> has been enabled for their traffic.
>
> "ANY" - allows only Known ports (1-1024)??
> Does "ANY" include ICMP traffic too??
>
> Curious to be enlightened. Thanks in advance.
>
Usually ANY means ANY. There are exceptions that need to be enabled specifically
(usually X11).
Try having a look at the logs. Maybe there is a specific reason for the drop.
--
--------------------------------------------------------
- Remove NO SPAM to reply to me directly -
--------------------------------------------------------
- http://www.riccardofontana.it/ -
--------------------------------------------------------
- -
- Monsieur Perrier: "What do you think?" -
- MrWong: "Me perplexed." -
- Alce: "I AM perplexed... a verb would be -
- needed once in a while.... you are -
- driving me to MADNESS !!!!!! -
- -
--------------------------------------------------------
Re: (Checkpoint NG) Which ports come under Service "ANY"?
on 07.01.2007 08:25:38 by Wayne McGlinn
"Subi" wrote in message
news:1168013091.992787.312320@s34g2000cwa.googlegroups.com...
> Admins,
>
> Strange but I have not come across a single document that explains what
> are all the services that would come if we enable "ANY" under Service
> for a Security Rule.
>
> I started searching for this when users reported that they are unable
> to use Terminal services (TCP Port 3389) whilst I can see service "ANY"
> has been enabled for their traffic.
>
> "ANY" - allows only Known ports (1-1024)??
> Does "ANY" include ICMP traffic too??
>
> Curious to be enlightened. Thanks in advance.
>
"Any" means any service/port defined in Checkpoint. You need to create a new
"service" for TCP port 3389 (I use MS_RDP as the name). There are a number
of *.def files in %fwdir%\lib that are responsible for defining known ports
and services.
Wayne McGlinn
Brisbane, Oz