File downloads

[freak12]

New to checkpoint firewall and need some help.

Would like to put a rule in place to prevent downloading of certain file extensions (*.scr, *.asf, *.mpeg...)

Also a rule to prevent users from watching live broadcast over the web.

Thanks

 

[DTrix]

I do not think that checkpoint is capable of denying file extensions. If you find a way please let me know. As for the live broadcasts, I would assume you would have to block either the IP of the broadcasting server or the port(s) that is/are used by the software.

GL!

-D

 

[Guest_imported]

I don't think you can controle the file download based on extension with Checkpoint, Anti-virus Opsec will do it tho.

You might want to check into the FTP security server, the match tab could help. But I think it only support complete denial of PUT and GET.

As for live broadcast, you can do it by IP or the protocol it uses. If it's encapsulated in HTTP/80 it practycaly impossible but it can be done. You will have to recognize a common string to the protocole and create a service for it on checkpoint. You can then deny the service in a rule.

It basicaly like it was recommended to do for CodeRed and NIMDA except that the string will be what ever you found common in all communication to that live broadcast thing.

 

[freak12]

I have found a way to block file downloads by extensions with checkpoint. Check out the following links:

http://www.phoneboy.com/faq/0291.html

http://www.phoneboy.com/faq/0285.html

http://216.218.218.134/faq/0103.html

Hope this helps