Jouni Forss Wed, 08/08/2007 - 00:05

I'm under the impression that no port is accessible from the outside interface on PIX unless you permit it with an ACL.

Though I guess it opens the ports it needs for return traffic that is initiated from the inside network. Otherwise it shouldn't have any ports open.

Then again, I'm a total newbie when it comes to PIX firewalls, but they should block any ports other than return traffic ports, and then it's already traffic that's initiated from a trusted part of the network.

If you mean some way to show the connections and ports opened for traffic through the PIX, then I guess the command

pixfirewall# show conn all

would show the connections and their ports on the firewall.

