Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Almal_Luna
Explorer

Ports 18265, 18190, 19009 are exposed via Internet

Hello team, 

 

After a deploy with a new device, we see our WAN interfaz is reachable through these ports: 18265, 18190, 19009

Our device is SG 6200 Gaia R80.30.

 

In other devices as SG 2200 R77.30 and SG 5100 R80.10 their IP's are not reachable through those ports.

 

I understand this is normal but only internal communication, not exposed to internet due ICA services, but I'm affiard it could be a vulnerability.

 

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

18190 and 19009 are for SmartConsole, and 18265 is the ICA Tool.
Which suggests this gateway is also a management station (i.e. you've installed it standalone).
That might be...expected behavior.

You can disable ICA tool via: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 
Access to the other two ports should be controlled by GUI clients setting in cpconfig.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events