Jouni Forss Wed, 08/08/2007 - 00:05

I'm under the impression that no port is accessible from the outside interface on PIX unless you permit it with an ACL.


Though I guess it opens the ports it needs for return traffic that is initiated from the inside network. Otherwise it shouldn't have any ports open.


Then again, I'm a total newbie when it comes to PIX firewalls, but they should block any ports other than return traffic ports, and then it's already traffic that's initiated from a trusted part of the network.


If you mean some way to show the connections and ports opened for traffic through the PIX, then I guess the command


pixfirewall# show conn all


would show the connections and their ports on the firewall.
