10-31-2007 11:58 AM - edited 02-21-2020 01:45 AM
I need to scrub (overwrite) the non-volatile memory of a PIX-506E for security purposes... anyone have any idea how to accomplish this? It's just a Flash EPROM, right?
I've found a couple different commands for clearing flash, etc., but they all refer to specific router models, not PIX firewalls.
Any help is greatly appreciated.
10-31-2007 01:17 PM
Hi, if you want to clear all pix config why don't just set the device to factory defaults or erase all current config, you could do it in couple of ways..either do it with a " write erase " to erase configuration from flash then reboot,
or set the pix to factory defaults.
e.g
on enable mode issue "configure factory-default "
HTH
Jorge
11-19-2007 01:30 PM
Thats part of it, but I need to erase everything on the flash, not just the config (unless that is all that is stored there)
I noticed a jumper near the battery called "J5", does this also work for a reset?
11-19-2007 02:15 PM
Normally you don't need to go that far with jumpers, the seting to factofy defaults is good, however, " write erase " command followed by a "reload " from console connection should completely erase any configuration from firewall. You can confirm this by after reloading issue " show start " or " show run " and you will see the configuration is gone.
Rgds
Jorge
11-19-2007 02:20 PM
Thanks Jorge,
This situation is slightly different. I'm not just trying to clear the config for a fresh start or recovery, but actually clear the entire flash and any other non-volatile memory on the PIX for security reasons. So I need to do anything possible to clear the PIX, even above and beyond normal recovery steps.
Is the config the only thing stored in flash memory? Does the jumper clear the flash or does it clear something else?
11-19-2007 03:13 PM
Have not explored the complete deletion of flash on PIXs but you may try " clear flashfs " and see if that works.
http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/c.html#wp1091147
11-19-2007 07:57 PM
you also need to zeroize any rsa keys that might have been created.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide