10-26-2007 12:17 PM - edited 02-21-2020 01:44 AM
Remote management via ASDM/HTTPS on the Outside interface of the ASA 5505 is configured and working over the Internet and is restricted to only a few host IP addresses. Access tried from any other Internet IP address does not work. However, when running a port scan from ANY Internet IP address, the ASA shows port 443 open. We have the same remote access configured for Telnet and SSH, but those ports do NOT show open in a scan. How can I prevent the ASA from showing port 443 as open?
10-26-2007 02:11 PM
David, I have not read of a way to configure an external public IP address on a device such as the firewall to instruct it not to show which ports it is listening on or forwarding. Port scanning will probe an IP address until it finds an open port, but the ASA has global IDS signature functionality to protect from DoS or other attacks. Also there are some other techniques in firewall design where you have devices in front of the firewall to provide another layer of protection, such as placing a router or IDS system before attackers even reach the firewall.
This is a good link to learn more about how to implement a few of the many network-attack prevention and scanning threat detection techniques in your firewall:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/protect.html#wp1042020
HTH
Jorge
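For readers following up on the scanning threat detection that Jorge points to, here is an added ASA configuration example (not from either poster or from the linked guide) that combines the restricted ASDM/SSH access the original question describes with basic and scanning threat detection. The IP addresses are placeholders, and the rate values are illustrative rather than recommended defaults.

```cisco
! --- Management access (as the question describes): only listed hosts
! --- may reach ASDM/HTTPS and SSH on the outside interface.
http server enable
http 203.0.113.10 255.255.255.255 outside
http 203.0.113.11 255.255.255.255 outside
ssh 203.0.113.10 255.255.255.255 outside
ssh 203.0.113.11 255.255.255.255 outside

! --- Basic threat detection: per-event rate monitoring with syslog alerts
! --- (ACL drops, SYN-attack drops, scanning drops, etc.).
threat-detection basic-threat

! --- Keep per-ACE statistics so denied management attempts are counted
! --- and visible in "show threat-detection statistics access-list".
threat-detection statistics access-list

! --- Scanning threat detection: track hosts that probe many ports/hosts
! --- and shun them, but never shun the legitimate management hosts.
threat-detection scanning-threat shun except ip-address 203.0.113.10 255.255.255.255
threat-detection scanning-threat shun except ip-address 203.0.113.11 255.255.255.255

! --- Example rate (placeholder values): over a 600 s interval, more than
! --- 5 scanning drops/s on average or a burst of 10/s flags the host.
threat-detection rate scanning-threat rate-interval 600 average-rate 5 burst-rate 10
```

Use `show threat-detection shun` to see which hosts are currently shunned and `show threat-detection rate` to review the active thresholds before tuning them.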
10-29-2007 05:59 AM
Thank you Jorge for your answer; however, I have one additional question: Why wouldn't Telnet or SSH also show as available from the Internet like HTTPS does? I configured all 3 temporarily just to test. Thanks again.