[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: problem with ftp with FW-1 on solaris
From:       "Mailing List" <mailings () softhome ! net>
Date:       1998-11-27 20:34:57
[Download RAW message or body]

[To unsubscribe, send mail to majordomo@lists.gnac.net with
"unsubscribe firewalls" in the body of the message.]
-
No, it doesn't, because the >1023 rule only applies to already established
FTP Data connections with an approved FTP Control connection...

Stuart

-----Original Message-----
From: Peter Capelli <pcapelli@nsec.net>
To: 'Jean Chouanard' <chouanard@parc.xerox.com>; 'Jerome Limozin'
<jlimozin@clj.co.jp>
Cc: 'Firewalls@lists.gnac.net' <Firewalls@Lists.GNAC.NET>
Date: 25 November 1998 12:05
Subject: RE: problem with ftp with FW-1 on solaris


>[To unsubscribe, send mail to majordomo@lists.gnac.net with
>"unsubscribe firewalls" in the body of the message.]
>-
>Hello all,
>
> Doesn't this have an adverse effect on services that actually
>use ports over 1023?  Rather, doesn't this make the firewall less
>secure?
>
>-Pete
>
>-----Original Message-----
>From: firewalls-owner@lists.gnac.net
>[mailto:firewalls-owner@lists.gnac.net]On Behalf Of Jean Chouanard
>Sent: Wednesday, November 25, 1998 12:17 PM
>To: Jerome Limozin
>Cc: Firewalls@lists.gnac.net
>Subject: Re: problem with ftp with FW-1 on solaris
>
>
>[To unsubscribe, send mail to majordomo@lists.gnac.net with
>"unsubscribe firewalls" in the body of the message.]
>-
>Jerome,
>
>I found the same bug fews weeks ago and posted a patch to the Checkpoint
>DL
>(See Bellow)
>
>You should also change the test on the non-privilege port to be greater
>than 1023 and not 1024 as it is (Both for NOTSERVER_TCP_PORT and
>NOTSERVER_UDP_PORT)
>
>Here is my original post (With the 1023 port corrected):
>
>>
>>     _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
>>    _/  Jerome Limozin - System administrator _/
>>   _/  Credit Lyonnais, Japan Branch         _/
>>  _/  Fax : (81) 3 5512 5796                _/
>> _/  jlimozin@clj.co.jp  /  jlz@iname.com  _/
>>_/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
>
>   - jean -
>

[prev in list] [next in list] [prev in thread] [next in thread]