Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ar_engineer
Participant

Checkpoint Hostname InfoDisclosure.

On a VSX MDS environment port scan perfomed against external IP of the firewall revealing information of the firewall host name.xxx and Smart Center Host( which is internal server) and i suppose this was against port 264?

 

I need to change the hostname for the smart center host which is Domain Management Server against internal IPs.I understand this is because smart center and security gateway names revealed in the CA.

 

what is the best approach to change this as i understand SIC will need resetting also.Any suggestions will be appreciated?

Thanks

 

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee

There are few SK that cover scenarios pertaining to tcp/264 e.g. sk69360 and sk60773

A workaround you may wish to investigate in the interim is as follows:

IMPORTANT: May impact Check Point Remote Access VPN client connectivity if used in the environment.

vpn_topo.png

CCSM R77/R80/ELITE
Danny
Champion Champion
Champion

ar_engineer
Participant

Hi Chris_Atkinson and Danny
Thanks for above information

I would like to know to change the smartcenter hostname which was revealed in External Port scan 264 (what steps i will need to follow I believe SIC needs to re-established after changing the name?
I rather change the Smart center hostname to which reveals nothing obvious I am looking at this as an alternative approach for blocking port 264 on IPS or SmartEvent.

Many Thanks
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events