Re: Pix 506 configuration changed (dont know how it happened)

juancho007 · ‎09-01-2005

Hello Everyone. i have a pix 506 which has been configured for almost a year. yesterday the entire configuration changed which caused network to stop working. this are some of the original commands and the changed commands

original lines:

access-list 101 (1) permit ip 10.0.0.0 255.255.255.0 192.168.1.0 255.255.255.0

conduit permit icmp any any

conduit permit tcp host 62.229.41.99 eq smtp any

conduit permit tcp host 62.229.41.99 eq pop3 any

this is what i got after:

access-list 101 (1) permit ip 10.0.0.0 255.255.255.0 192.168.1.0 255.255.255.0

conduit (0) permit icmp any any

conduit (0) permit tcp host 62.229.41.99 eq smtp any

conduit (0) permit tcp host 62.229.41.99 eq pop3 any

dont know if i got hacked or something else caused the pix to get into this situation.

thanks in advance for your help.

nkhawaja · ‎09-01-2005

i think some corruption happaned, did you fix it by rebooting? it doesnt look like a hack, since pix should not be taking the "conduit (0)" command at all.

what is the version you are running?

do you manage the PIX by some software?

thanks

Nadeem