[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: Re: problem with ftp with FW-1 on solaris
From: "Mailing List" <mailings () softhome ! net>
Date: 1998-11-27 20:34:57
[Download RAW message or body]
[To unsubscribe, send mail to majordomo@lists.gnac.net with
"unsubscribe firewalls" in the body of the message.]
-
No, it doesn't, because the >1023 rule only applies to already established
FTP Data connections with an approved FTP Control connection...
Stuart
-----Original Message-----
From: Peter Capelli <pcapelli@nsec.net>
To: 'Jean Chouanard' <chouanard@parc.xerox.com>; 'Jerome Limozin'
<jlimozin@clj.co.jp>
Cc: 'Firewalls@lists.gnac.net' <Firewalls@Lists.GNAC.NET>
Date: 25 November 1998 12:05
Subject: RE: problem with ftp with FW-1 on solaris
>[To unsubscribe, send mail to majordomo@lists.gnac.net with
>"unsubscribe firewalls" in the body of the message.]
>-
>Hello all,
>
> Doesn't this have an adverse effect on services that actually
>use ports over 1023? Rather, doesn't this make the firewall less
>secure?
>
>-Pete
>
>-----Original Message-----
>From: firewalls-owner@lists.gnac.net
>[mailto:firewalls-owner@lists.gnac.net]On Behalf Of Jean Chouanard
>Sent: Wednesday, November 25, 1998 12:17 PM
>To: Jerome Limozin
>Cc: Firewalls@lists.gnac.net
>Subject: Re: problem with ftp with FW-1 on solaris
>
>
>[To unsubscribe, send mail to majordomo@lists.gnac.net with
>"unsubscribe firewalls" in the body of the message.]
>-
>Jerome,
>
>I found the same bug fews weeks ago and posted a patch to the Checkpoint
>DL
>(See Bellow)
>
>You should also change the test on the non-privilege port to be greater
>than 1023 and not 1024 as it is (Both for NOTSERVER_TCP_PORT and
>NOTSERVER_UDP_PORT)
>
>Here is my original post (With the 1023 port corrected):
>
>>
>> _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
>> _/ Jerome Limozin - System administrator _/
>> _/ Credit Lyonnais, Japan Branch _/
>> _/ Fax : (81) 3 5512 5796 _/
>> _/ jlimozin@clj.co.jp / jlz@iname.com _/
>>_/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
>
> - jean -
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic