07-13-2001 10:45 AM - edited 03-08-2019 08:28 PM
Have there been any CSIDS signature updates to check for the Check Point RDP exploit that could allow an intruder to pass traffic through a Check Point Firewall-1 on port 259/UDP?
07-18-2001 10:27 PM
You can do this right now with a "connection signature" looking for
connections to port 259/UDP.
Regards,
-Mun
IDS Product Manager
07-19-2001 10:17 AM
Your solution will fire an alarm on any traffic trying to establish a vpn, or client authorization. Sounds like a lot of false alarms.
07-20-2001 08:06 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide