This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
destan_dee
Explorer
‎2018-11-24 10:22 AM

:protocol (-1)

Hello

can someone help to understand why there are services with protocol (-1) in object db of managmnet server configuration.

example:

            :exp ("udp, dport = 1604")
            :include_in_any (false)
            :is_default_aggressive_timeout (true)
            :needruleinfo (false)
            :prohibit_aggressive_aging (false)
            :proto_type ()
            :protocol (-1)
            :reload_proof (false)
            :replies (true)
            :sync_on_cluster (true)
            :timeout (0)

thanks

destan

3 Replies
PhoneBoy
Admin
Admin
‎2018-11-24 02:06 PM

Based on this snippet, this appears to be a service of type Other.

exp is clearly INSPECT, which is how you define services of type other.

In this case, the service will match udp packets where the destination port is 1604.

0 Kudos
destan_dee
Explorer
‎2018-11-25 02:31 AM

thank you,

if it is normal udp why is not like any other udp protocol (17) ?

if this service is in use (-1) is it going to course any issue?

br

0 Kudos
PhoneBoy
Admin
Admin
‎2018-11-25 07:49 AM
In response to destan_dee

Because this particular service was defined as type Other for some reason versus a simple TCP/UDP service.

It should be fine.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top