Cisco Support Community
Community Member

PIX question - Is New Internet Worm blocked out of the box?

Am I right to assume that the handful of ports 69, 135, 139, 445 and 4444 are blocked by nature on the PIX? I have not expressly opened any of them as far as I can tell. I have looked around on the net and not found anyone talking about the PIX in conjunction with this worm. Thanks for your help.

5 REPLIES
Community Member

Re: PIX question - Is New Internet Worm blocked out of the box?

Traffic from outside to inside is denied unless permitted. If you are not allowing the traffic for the above-mentioned ports using access-list or conduit, you are fine.

Community Member

Re: PIX question - Is New Internet Worm blocked out of the box?

Thanks. It seemed that way, but I was worried that I had misunderstood my PIX documentation.

Gold

Re: PIX question - Is New Internet Worm blocked out of the box?

Yeah, it is blocked by default. But we should also search for the specific exe file. If the worm is already sitting on one of the inside hosts, then there would be a bit of worry.

Community Member

Re: PIX question - Is New Internet Worm blocked out of the box?

These ports are blocked from outside to inside (inbound traffic) interfaces only. They are not blocked from inside to outside (outbound traffic). If you have an infected PC on your network, it will eventually start trying to spread outside of your network through the firewall. I have seen this first hand. So be sure to block outbound traffic on these ports.

Community Member

Re: PIX question - Is New Internet Worm blocked out of the box?

How do I do this? I am a newbie and don't know much about the CLI. What statements must I type in in order to achieve this after I do the config t?

Thanks.
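
The outbound filtering discussed in this thread, as an added example that is not part of any poster's reply or Cisco's own code: a small Python check that reads PIX `access-list` / `access-group` lines and reports which of the thread's ports inside hosts can still reach outbound. Assumptions: the ACL name `inside_out` and both sample configs are constructed, both TCP and UDP are checked because the thread gives no protocol, and only numeric `any any [eq PORT]` entries are parsed.

```python
import re

WORM_PORTS = (69, 135, 139, 445, 4444)  # ports named in the thread
PROTOS = ("tcp", "udp")                 # assumption: thread gives no protocol, so check both

ACE = re.compile(r"^access-list (\S+) (permit|deny) (\S+) any any(?: eq (\d+))?$")
BIND = re.compile(r"^access-group (\S+) in interface inside$")

def outbound_allowed(config):
    """Return the (proto, port) pairs inside hosts can still send outbound."""
    aces, bound = {}, None
    for line in map(str.strip, config.splitlines()):
        if m := ACE.match(line):
            aces.setdefault(m[1], []).append((m[2], m[3], int(m[4]) if m[4] else None))
        elif m := BIND.match(line):
            bound = m[1]
    pairs = [(p, n) for n in WORM_PORTS for p in PROTOS]
    if bound is None:  # no ACL applied to inside: outbound is permitted
        return pairs

    def permitted(proto, port):
        for action, ace_proto, ace_port in aces.get(bound, []):
            if ace_proto in (proto, "ip") and ace_port in (None, port):
                return action == "permit"  # first matching entry wins
        return False  # implicit deny at the end of an applied ACL

    return [pair for pair in pairs if permitted(*pair)]

# Constructed sample: no access-group on the inside interface.
DEFAULT_CFG = """
nameif ethernet0 outside security0
nameif ethernet1 inside security100
"""

# Constructed sample: deny the worm ports outbound, permit everything else.
# The ACL name inside_out is hypothetical.
HARDENED_CFG = "\n".join(
    [f"access-list inside_out deny {p} any any eq {n}" for n in WORM_PORTS for p in PROTOS]
    + ["access-list inside_out permit ip any any",
       "access-group inside_out in interface inside"]
)

if __name__ == "__main__":
    print("default :", outbound_allowed(DEFAULT_CFG))
    print("hardened:", outbound_allowed(HARDENED_CFG))
    print(HARDENED_CFG)
```

Running the script also prints the constructed deny statements; because the first matching entry wins, the `permit ip any any` line has to come after them.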
