
how to set an X-Frame-Options response header to avoid clickjacking vulnerability, on Checkpoint R77.30

900/tcp port is open in Checkpoint R77.30 which is running omginitialrefs? service. This makes it vulnerable to clickjacking. Kindly help me with this.

Admin

Re: how to set an X-Frame-Options response header to avoid clickjacking vulnerability, on Checkpoint R77.30

Best practice is to have a stealth rule blocking all traffic to the firewall, even from internal networks.

The fact this port is showing up at all suggests you either don't have this rule, it is misconfigured, or you are using Client Authentication, which is a legacy feature.

Unless you are using Client Authentication, there's no reason this port should be accessed at all.

If you are using Client Authentication, I strongly encourage you to move to Identity Awareness.
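One way to verify the outcome from an internal host, as an added example that is not part of the original thread: it checks whether the port still accepts connections and, if it does, whether the response carries an anti-framing header. The function names and the sample response are constructed for illustration, and the code assumes the listener speaks plain HTTP.

```python
import socket

def framing_protection(raw_response: bytes) -> str:
    """Classify anti-framing headers: 'csp-frame-ancestors', 'x-frame-options' or 'none'."""
    head = raw_response.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    # Where both are sent, CSP frame-ancestors is the one browsers enforce.
    for policy in headers.get("content-security-policy", []):
        for directive in policy.split(";"):
            parts = directive.split()
            if len(parts) >= 2 and parts[0].lower() == "frame-ancestors":
                return "csp-frame-ancestors"
    # Only DENY and SAMEORIGIN count; ALLOW-FROM is obsolete.
    values = [v.upper() for v in headers.get("x-frame-options", [])]
    if values and all(v in ("DENY", "SAMEORIGIN") for v in values):
        return "x-frame-options"
    return "none"

def port_reachable(host: str, port: int, timeout: float = 3.0) -> bool:
    """True if a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def check_listener(host: str, port: int = 900, timeout: float = 3.0) -> str:
    """'unreachable' is the expected result once the stealth rule is in place."""
    if not port_reachable(host, port, timeout):
        return "unreachable"
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            # Assumption: the listener speaks plain HTTP.
            s.sendall(b"GET / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
            data = b""
            while b"\r\n\r\n" not in data and len(data) < 65536:
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
    except OSError:
        return "no-response"
    return framing_protection(data)

SAMPLE = b"HTTP/1.0 200 OK\r\nServer: example\r\n\r\n<html>"  # constructed response
```

Call `check_listener()` with the gateway's address from a host on the internal network; any result other than `unreachable` means the port is still exposed to that network.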