Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
678
Views
0
Helpful
1
Replies

Audit of ASA5510

kumaramitsri
Level 1
Level 1

‎04-29-2011 03:52 AM - edited ‎03-11-2019 01:27 PM

Hi,

I have COSCO ASA5510 Firewall.

I want to audit of my firewall for following regards.

o IP directed broadcasts, unreachable & redirects are disallow

o Incoming packets at the router sourced with invalid addresses such as RFC1918 address (in gateway devices connected to internet) are disallow

o TCP small services are disallow

o UDP small services are disallow

o All source routing are disallow

o All web services running on device are disallow

o Proxy ARP is disallow

Kindly anyone help me to audit the as said in above.

Thanks

Kumar Amit

Labels:
0 Helpful
1 Reply 1

Maykol Rojas
Cisco Employee
Cisco Employee

‎04-29-2011 09:59 AM

Hi Kumar,

IP directed broadcasts, unreachable & redirects are disallow

R/ Checked.

Incoming  packets at the router sourced with invalid addresses such as RFC1918  address (in gateway devices connected to internet) are disallow

R/ By default if it is not permitted with an ACL, it will be dropped.

TCP small services are disallow

UDP small services are disallow

R/ Those two Im not quite sure if they are passing thru or to the ASA, in any case, no small services are allowed unless configured. Only icmp.

All web services running on device are disallow

R/You will need to do a sh run http and make sure http server is not enable

Proxy ARP is disallow

R/You will need to run the command

sysopt noproxyarp to disable proxyarp on the interfaces

Cheers

Mike

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card