Results of NMAP scan on IOS Zone Based Firewalls: Questions
I have a few 2911 ISR's running on my network that are running zone based or CBAC firewalls depending on when it was deployed. I am testing both configurations the following 2 NMAP scans with the following results which are puzzling.
1. TCP SYN Scan- shows that all ports are filtered. (Yay!)
2. TCP Connect Scan- Shows 2 ports open. (Boo!)
I feel confident in my configurations but am looking for council to help me understand why these come back open on a TCP Connect Scan.
So just to be sure my configs are solid, I have verified this to be the case on both a CBAC configuration with ACL denying just about everything from the outside and on a Zone Based firewall. I have also used shut down the IP http server and secure server. Doing a "Show IP HTTP Server status" shows it is disabled. I even ran the Cisco "Auto secure" command as an additional step locking it down but these ports are still showing open on a TCP connect scan.
ProblemTaking a snapshot of ISE virtual machines is not supported but it still happens occasionally due to administrators taking a snapshot manually or an integrated technology that automatically takes snapshots to back up VMs. When taking a snapsho...
Hi all, Is it available on Stealthwatch 7 Client or web interface the ability to import the Netflow Exporters names? I found only the possibility to configure manually the name of each Netflow Exporter, but not a bulk configuration.
User Experience Enhancements
As part of Cisco Customer Experience program, we are working towards a more uniform user experience and terminology harmonization. This program runs across all Cisco security products.
We are ali...
Join us on Thursday, October 10 at 10 am PT to meet the CEO and Founder of Cisco's most recent security investment.
In today’s cybersecurity arms race, how does Cisco stay one step ahead in the battle against attackers? One key strategy is keeping tabs on...