Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Participant

Checkpoint Hostname InfoDisclosure.

On a VSX MDS environment port scan perfomed against external IP of the firewall revealing information of the firewall host name.xxx and Smart Center Host( which is internal server) and i suppose this was against port 264?

 

I need to change the hostname for the smart center host which is Domain Management Server against internal IPs.I understand this is because smart center and security gateway names revealed in the CA.

 

what is the best approach to change this as i understand SIC will need resetting also.Any suggestions will be appreciated?

Thanks

 

0 Kudos
Reply
3 Replies
Employee
Employee

There are few SK that cover scenarios pertaining to tcp/264 e.g. sk69360 and sk60773

A workaround you may wish to investigate in the interim is as follows:

IMPORTANT: May impact Check Point Remote Access VPN client connectivity if used in the environment.

vpn_topo.png

Champion
Champion

Participant

Hi Chris_Atkinson and Danny
Thanks for above information

I would like to know to change the smartcenter hostname which was revealed in External Port scan 264 (what steps i will need to follow I believe SIC needs to re-established after changing the name?
I rather change the Smart center hostname to which reveals nothing obvious I am looking at this as an alternative approach for blocking port 264 on IPS or SmartEvent.

Many Thanks
0 Kudos
Reply