• Status: Solved

checkpoint firewall allow msdtc and rpc

Hi,

I need to allow the following through my checkpoint firewall R70.30:
  • MS RPC EndPoint
  • MS-DTC interface


Is it possible to do this by protocol, as opposed to just opening all the ports?
Also what about a UUID inside the packet?
Asked:
neoptoent
1 Solution
 
Ernie Beek Commented:
MS RPC EndPoint is TCP port 135 (UUID E1AF8308-5D1F-11C9-91A4-08002B14A0FA)
MS-DTC interface is TCP port 3372 (UUID 906B0CE0-C70B-1067-B317-00DD010662DA)

So you could do it on a per-protocol basis.
 
neoptoent (Author) Commented:
What about the high ports needed like 1024 - 65....
Would those be covered in the protocol settings?
 
Ernie Beek Commented:
Depends on what you mean exactly.
If you are referring to return traffic, that is allowed by default.
If you are referring to additional incoming connections, the checkpoint is a stateful firewall. This means that it 'knows' that related incoming traffic (related to the initial setup over one of those ports) should be allowed as well.
So you should be ok with that.
 
neoptoent (Author) Commented:
Are those protocols built into checkpoint so that I could just select them?
 
Ernie Beek Commented:
I think so, they are quite common.
You'll have to create the rules though.

 How-to-configure-the-Security-Po.doc
