Cisco Support Community

ISS internet scanner

I scanned my PIX 515 firewall (running 5.1(3)) using this software (ISS Internet Scanner), which has a database that lists vulnerabilities, etc. Well, when it scanned us (I had a box on the outside scanning our outside interface) it said that there was a port open. Port 513/udp! What in the world? I do not specifically have that port open (it is for who, which shows load on the hardware). It also said that I have a vulnerability... traceroute can go through the firewall. I don't understand this. Does anyone have any clues on this? Do the two "problems" have anything to do with each other? How can I plug these up?

THANK YOU.

Susana Wraight

swraight@src-email.com

1 REPLY

Re: ISS internet scanner

Start by moving off 5.1(3). There are a few security advisories at http://www.cisco.com/warp/public/707/advisory.html that might be reason to move to some newer code. PIX opens and closes ports dynamically all the time. Do you always get this 513 UDP open? ICMP is blocked by default. If you have a conduit permit icmp any any in your config, this could cause that problem. Again, start by upgrading and go from there.
