This setting enables the use of FTP through Firewall-1.
We recommend that this setting should be enabled, provided internal
users are allowed to do file downloading using FTP clients.
Enable FTP PASV Connections
This setting enables web browsers to do FTP downloads. Most (if not all)
web browsers today, including Internet Explorer and Netscape uses FTP PASV
connections for their file transfers (FTP://…..). FTP PASV
connections represent a higher security risk under certain conditions,
and should be applied carefully.
We recommend that this setting should be enabled, provided internal
users are allowed to do file downloading using their web browsers.
Enable RSH/REXEC Reverse stderr Connections
Allows RSH and REXEC to open reverse connections for the stderr file. Enabling
these services may represent certain security risks, and should be applied
carefully.
This setting should be disabled, unless there exists a documented need
for these services.
Enable RPC control
Enabling Remote Procedure Call may represent certain security risks, and
should be applied carefully. RPC may be used to obtain information on what
services are running (=available) on a given host.
This setting should be disabled, unless there exists a documented need
for these services.