Check Point FireWall-1 Identification
Medium Nessus Plugin ID 10044
SynopsisThe remote firewall is leaking information.
DescriptionThe remote host has the three TCP ports 256, 257, and 258 open. It's very likely that this host is a Check Point FireWall/1.
A remote attacker could use this information to mount further attacks.
SolutionDo not allow any connections on the firewall itself, except for the firewall protocol, and allow that for trusted sources only.
If you have a router that performs packet filtering, add an ACL that disallows the connection to these ports for unauthorized systems.