I was informed by our security auditors that the http service on my asa outside interface is providing type details and is recommended to configure it to not disclose such detail. Not exactly sure what this means and the risk of having this on, but I'm in need of some assistance on accomplishing this task. Would someone shed some lights on this please using cli on IOS 7.2?
I'm not sure if this is what they mean but perhaps you have configured the following configuration on the ASA CLI
"http 0.0.0.0 0.0.0.0 outside" (Provided your ASA interface facing Internet is named "outside")
This would atleast make it possible for anyone to reach your ASDM launch/install page I suppose on the ASA. The one you yourself have probably used at some point when installing ASDM on your computer.
Personally majority of the ASAs that I configure arent reachable with ASDM from any network on the outside network. And also I dont use ASDM for anything else then monitoring and perhaps some VPN configurations.
Here is an example of the Web page I get if I just connect to the ASA from LAN with Web browser
It shows the ASDM version on the ASA
It doesnt exactly tell the version of ASA you are using but it does give you some information with which a person will know if you are using a PIX or ASA (maybe FWSM also, I really havent tested) and can get some idea what your actual ASA software level is.
Community Live Event Video
Are you ready to level up your security? Learn more about how Cisco SecureX can help you simplify your security and maximize operational efficiency.
This event talks about Cisco SecureX, its benefits, features, and usage. Th...
Hi all,I cannot understand why is something working very well they create a way to complicate things in Cisco ASA OS. I have a rule :object network LOCAL_ADRESS1 host 192.168.20.12 nat (VLAN20,outside) source static LOCAL_ADRESS1 interface&...
It is our pleasure to officially announce the finalists in the 2021 IT Blog Awards. We are now looking to our amazing tech community to check out the amazing line up of bloggers, vloggers and podcasters. Make sure to vote for your favorites...
Community Live Event Slides
This event talks about Cisco SecureX, its benefits, features, and usage. The session includes sample use cases and live demonstrations.
Cisco expert Luis Silva talks about how this solution can integrate Cisco technology and ...
Hello All, Recently I got an opportunity to perform POC with Cisco ISE (2.7 Patch 4) and Aruba Wireless AP (IAP) to perform 802.1x EAP-FAST (machine + user) authentication followed by Posture Assessment on Windows 10 Machines (installed with AnyConnect 4....