how to set an X-Frame-Options response header to avoid clickjacking vulnerability, on Checkpoint R77.30

nivesh_singh — Mon, 24 Jul 2017 10:18:19 GMT

900/tcp port is open in Checkpoint R77.30 which is running omginitialrefs? service. This makes it vulnerable to clickjacking. Kindly help me with this.

Re: how to set an X-Frame-Options response header to avoid clickjacking vulnerability, on Checkpoint R77.30

PhoneBoy — Mon, 24 Jul 2017 12:56:21 GMT

Best practice is to have a stealth rule blocking all traffic to the firewall, even from internal networks.

The fact this port is showing up at all suggests you either don't have this rule, it is misconfigured, or you are using Client Authentication, which is a legacy feature.

Unless you are using Client Authentication, there's no reason this port should be accessed at all.

If you are using Client Authentication, I strongly encourage you to move to Identity Awareness.

topic Re: how to set an X-Frame-Options response header to avoid clickjacking vulnerability, on Checkpoint R77.30 in General Topics

how to set an X-Frame-Options response header to avoid clickjacking vulnerability, on Checkpoint R77.30

Re: how to set an X-Frame-Options response header to avoid clickjacking vulnerability, on Checkpoint R77.30