Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX - problem

Hi,

I have a question about PIX firewall :

1. I have connections from outside to inside throw 135 port.

PIX should deny this connections but it doesn't. I haven't rule on PIX that permit or deny these coonections.

How this can be that hosts from outside can establish connections to inside.

Thunks

4 REPLIES

Re: PIX - problem

Hi,

The pix indeed should deny those connections. I am afraid there is something wrong with the config.

Is it possible to post the config of the pix? Please remove public addresses and passwords.

Kind Regards,

Tom

New Member

Re: PIX - problem

Hi,

Unfortunately I can't post the PIX config because there a lot of confidential information. The host that in inside have no static. I have the following line in config: conduit permit icmp any any. Thats all. All other conduit commands for static addresses only.

What you think about this?

What additional information you need to know about our current configuration?

Thanks.

Gold

Re: PIX - problem

Hi,

As Tom said it would be helpful if we can see your config, One thing you could try is to goto www.grc.com and use SHIELDS UP software to test your PIX and see what other ports you might have open, if you get a result stating that your firewall is 'Stealthed' then thats a good sign but somehow I think you might have other ports open to the outside world. The grc.com test is secure and I've used it many times for penetration testing.

Let me/us know your results.

Thanks - Jay.

New Member

Re: PIX - problem

Thanks for advice.

We are testing PIX now. We have some addresses in NAT that have 135 port opened.

What you think about this?

95
Views
0
Helpful
4
Replies
CreatePlease to create content