[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] security hole isakmp
hi, i scanned the firewall with nessus and get the following result . List of open ports : o isakmp (500/udp) (Security hole found) . Vulnerability found on port isakmp (500/udp) : The remote IPSEC server seems to have a problem negotiating bogus IKE requests. An attacker may use this flaw to disable your VPN remotely Solution: Contact your vendor for a patch Risk factor: High if i view the firwall log i saw that the connection to udp/500 was rejected if i make a tcpdump i saw that the port was unreachable 12:37:48.056664 scanner.1500 > firewall: udp 0 12:37:48.056684 firewall > scanner: icmp: 213.61.74.2 udp port 500 unreachable -does anybody know why nessus find the hole? -is there a workaround for this problem? thx for help Jo ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|