The PhoneBoy Blog


FireWall-1 FAQ: RealAudio and HTTP Tunneling

Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.

I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.

If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)

You can use the HTTP Security Server to deal with RealAudio tunneled over HTTP in the current version. If you have CVP, you may be able to use the CVP server to screen out the RealAudio MIME types. If you are not using a CVP server, you can do this with a wildcard URI resource. The URI Definition window would have the following in the “Match” tab:

Schemes: HTTP 
Methods: GET 
Host:    * 
Path:    {*/*.{ra,rm,ram},*.{ra,rm,ram}} 
Query:   *

You would then create a rule that uses this resource and denies access to anything matching this resource.
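To sanity-check which requests the wildcard resource above would catch before putting the deny rule in place, here is an added example (not part of the original FAQ and not Check Point code). It assumes shell-style matching in which `*` matches any run of characters including `/` and comparison is case-sensitive; the Security Server's real matcher may differ, and the hostnames are constructed samples.

```python
import re
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Values copied from the "Match" tab of the URI resource.
RESOURCE = {
    "schemes": {"http"},
    "methods": {"GET"},
    "host": "*",
    "path": "{*/*.{ra,rm,ram},*.{ra,rm,ram}}",
    "query": "*",
}

def expand_braces(pattern):
    """Expand {a,b} alternations (nesting allowed) into plain glob patterns."""
    m = re.search(r"\{([^{}]*)\}", pattern)  # innermost brace group
    if m is None:
        return [pattern]
    out = []
    for alt in m.group(1).split(","):
        out.extend(expand_braces(pattern[:m.start()] + alt + pattern[m.end():]))
    return out

def glob_match(pattern, value):
    # Assumption: fnmatch-style semantics approximate the resource wildcards.
    return any(fnmatchcase(value, p) for p in expand_braces(pattern))

def resource_matches(method, url, res=RESOURCE):
    """True if the request would match the resource and hit the deny rule."""
    u = urlsplit(url)
    return (u.scheme in res["schemes"] and method in res["methods"]
            and glob_match(res["host"], u.hostname or "")
            and glob_match(res["path"], u.path)
            and glob_match(res["query"], u.query))

# Constructed sample requests: two RealAudio fetches and two pages that
# must not be blocked by accident.
SAMPLES = [
    ("GET", "http://media.example/audio/show.ram"),
    ("GET", "http://media.example/clip.rm?x=1"),
    ("GET", "http://media.example/ramblings/post.html"),
    ("GET", "http://media.example/show.ram.txt"),
]

def evaluate(samples=SAMPLES):
    return [(m, u, "deny" if resource_matches(m, u) else "next rule")
            for m, u in samples]

if __name__ == "__main__":
    for method, url, verdict in evaluate():
        print(f"{verdict:9}  {method} {url}")
```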
