
ports go from stealth to closed or blocked on scans after pix upgrade

Unanswered Question

I just upgraded a client's pix from 6.0.1 to 6.2.2 sw and just for kicks, we went to a few online scan services such as grc and sygate to run a few scans against the PIX. Prior to the upgrade, any port showed up as stealth or blocked. After the upgrade, we ran the tests again and the ports showed up as "closed".


WTF?

Granted, many online tests have to be taken with a grain of salt per their results, but still, it was quite shocking to the client. I rolled the pix back to 6.01 and re-ran the same tests, now they come back as stealth or blocked.

rstaaf Tue, 10/08/2002 - 20:02

Have you compared the config file from the 6.0.1 install to the config after the 6.2.2 upgrade to make sure that nothing has changed? I am not talking about the PDM, go in and print out the config and compare line for line. Also, what are you actually scanning, clients behind the pix or the outside interface of the pix?


Bob Staaf

Southern Web Services

Central, SC

The config is the same except for an alias command for 1 web server. I am referring to the outside interface of the pix. Can't use the pdm with the alias command (prefer the cli anyway) and will replace the alias later on with the new DNS (nat?) feature. I will venture a guess that it may have to do with the new bi-directional nat feature.
