[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] AW: [FW-1] NG: ftp reject: reason tried to open tcp se rvice port, port XYZ
Hi How do you fix this problem in 4.1? Same way? Regards, Torkel > -----Original Message----- > From: Schaar, Norbert [mailto:[email protected]] > Sent: 13. mai 2002 18:16 > To: [email protected] > Subject: [FW-1] AW: [FW-1] NG: ftp reject: reason tried to open tcp > service port, port XYZ > > > Of course, there is a way to change this behaviour even under > NG but it will > disable the port check functionality of all ftp data > connections, don't know > if this is really what you want. However, Check Point is > suggesting not to > do base.def changes in NG anymore but to call the technical > Service instead. > This should be the path to go, I think and, therefore, you > didnÄt find any > hint. > Well, the way FW-1 does this "dangerous port check" was > seriously changed > with NG FP2. The appropriate function definitions consists of > new kernel > function calls and when you change the wrong part, you will > loose ALL ftp > data connectivity... > If you don't be afraid about that, go to the FTP macro > definition part in > base.def, find the NOTSERVER_TCP_PORT function (should be > there two times) > and replace the segment register there with a port number of > you choice that > will never be used as a service. This will do the trick but, > again, I would > stay away from that for support and security reasons. > > -----Ursprüngliche Nachricht----- > Von: egonle [mailto:[email protected]] > Gesendet: Montag, 13. Mai 2002 09:14 > An: [email protected] > Betreff: [FW-1] NG: ftp reject: reason tried to open tcp > service port, port > XYZ > > > Hi, > > after upgrading our NG management server, v4.1SP5 modules > reject different > ftp session with the following info message: > reason: tried to open tcp service port, port XYZ > > There's a secureknowledge document regarding this issue for the v4.1 > management server however I didn't find any hint how to change this > behaviour for NG. Anyone else? > > Regards, > Egonle. > > __________________________________________________________________ > Nur bei Netscape: Ihr KOSTENLOSER Netscape WebMail-Account > und der Instant > Messenger unter http://www.netscape.de > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|