Check Point Session Layer Attack Prevention Safeguards and Attacks Blocked

Attack Prevention Safeguards and Attacks Blocked

Session Layer

FireWall-1 NG with Application Intelligence blocks many attacks and provides numerous attack prevention safeguards. This table lists some of these defenses and organizes them by protocol and OSI Model layer.

Note: Check Point continually expands the breadth of defenses provided. This table is a snapshot not an exhaustive list.

Application Layer |

Session Layer |

Transport Layer |

Network Layer |

Session Layer
Attack Prevention Safeguards	Attacks Blocked
RPC
Block RPC portmapper exploits	ToolTalk Attacks snmpXdmid Attack rstat Attacks mountd Attack cmsd Attack cachefsd Attack
DEC-RPC
Block DCE-RPC portmapper exploits
HTTP Proxy
HTTP Proxy enforcement: Enforce HTTP session logic in proxy mode
VPN
Validate digital certificates used against Certificate Revocation List Monitor for pre-shared secrets vulnerability	IKE Brute Force Attack Hub-and-Spoke Topology Attack IKE UDP DoS Attack Windows 2000 IKE DoS Attack VPN IP Spoffing Attack VPN Man-in-the-Middle Attacks