12-23-2003 10:47 PM - edited 02-20-2020 11:10 PM
Hi,
I have a question about the PIX firewall:
1. I have connections from outside to inside through port 135.
The PIX should deny these connections but it doesn't. I have no rule on the PIX that permits or denies these connections.
How can it be that hosts from outside can establish connections to the inside?
Thanks
12-23-2003 11:49 PM
Hi,
The pix indeed should deny those connections. I am afraid there is something wrong with the config.
Is it possible to post the config of the pix? Please remove public addresses and passwords.
Kind Regards,
Tom
12-24-2003 02:25 AM
Hi,
Unfortunately I can't post the PIX config because there is a lot of confidential information. The host that is inside has no static. I have the following line in the config: conduit permit icmp any any. That's all. All other conduit commands are for static addresses only.
What do you think about this?
What additional information do you need to know about our current configuration?
Thanks.
12-24-2003 03:02 AM
Hi,
As Tom said, it would be helpful if we could see your config. One thing you could try is to go to www.grc.com and use the SHIELDS UP software to test your PIX and see what other ports you might have open. If you get a result stating that your firewall is 'Stealthed' then that's a good sign, but somehow I think you might have other ports open to the outside world. The grc.com test is secure and I've used it many times for penetration testing.
Let me/us know your results.
Thanks - Jay.
12-24-2003 05:36 AM
Thanks for the advice.
We are testing the PIX now. We have some addresses in NAT that have port 135 open.
What do you think about this?