
Filter Rules

sureshmv
Level 1

I am configuring a PIX 515 using PDM. Can anyone tell me what the advantage is of putting Java applet and ActiveX control on the filter rule? Will it affect my present working setup? If there are any links regarding the above, please send them to me also.

1 Reply 1

Patrick Iseli
Level 7

Filter java

The filter java command filters out Java applets that return to the PIX Firewall from an outbound connection. The user still receives the HTML page, but the web page source for the applet is commented out so that the applet cannot execute. Use 0 for the local_ip or foreign_ip IP addresses to mean all hosts.

Note: If Java applets are known to be in <object> tags, use the filter activex command to remove them.

To specify that all outbound connections have Java applet blocking, use the following command:

filter java 80 0 0 0 0

This command specifies that the Java applet blocking applies to Web traffic on port 80 from any local host and for connections to any foreign host.

The following example specifies that Java applet blocking applies to web traffic on port 80 from local subnet 10.10.10.0 and for connections to any foreign host:

filter java http 10.10.10.0 255.255.255.0 0 0

=============================================================================

Filter ActiveX

The filter activex command filters out ActiveX, Java applets, and other HTML usages from outbound packets. ActiveX controls, formerly known as OLE or OCX controls, are components you can insert in a web page or other application. These controls include custom forms, calendars, or any of the extensive third-party forms for gathering or displaying information.

As a technology, it creates many potential problems for the network clients, including causing workstations to fail, introducing network security problems, or being used to attack servers.

This feature blocks the HTML <object> tag and comments it out within the HTML web page.

Note: The <object> tag is also used for Java applets, image files, and multimedia objects, which will also be blocked by the filter activex command. If the <object> or </object> HTML tags split across network packets or if the code in the tags is longer than the number of bytes in the MTU, the PIX Firewall cannot block the tag.

ActiveX blocking does not occur when users access an IP address referenced by the alias command.

To specify that all outbound connections have ActiveX blocking, use the following command:

filter activex 80 0 0 0 0

This command specifies that the ActiveX blocking applies to Web traffic on port 80 from any local host and for connections to any foreign host.

See command reference for version 6.3:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a8.html#wp1131454

sincerely

Patrick
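
On the question of whether these rules affect an existing setup, the sketch below is an added example (not part of the reply above and not Cisco code) that reads filter java and filter activex lines in the form quoted in the reply and reports which filters would apply to a given outbound flow. It assumes only the single-port syntax shown above; the helper names, the sample hosts and the 198.51.100.7 test address are constructed for illustration.

```python
import ipaddress

PORT_NAMES = {"http": 80}  # keyword form used in the reply; 80 is the numeric form

def _net(ip, mask):
    # Per the reply, 0 for local_ip or foreign_ip means all hosts.
    ip = "0.0.0.0" if ip == "0" else ip
    mask = "0.0.0.0" if mask == "0" else mask
    return ipaddress.ip_network(f"{ip}/{mask}", strict=False)

def parse_filter(line):
    """Parse: filter java|activex <port> <local_ip> <mask> <foreign_ip> <mask>."""
    tok = line.split()
    if len(tok) != 7 or tok[0] != "filter" or tok[1] not in ("java", "activex"):
        raise ValueError(f"not a filter java/activex rule: {line!r}")
    return {"kind": tok[1],
            "port": PORT_NAMES.get(tok[2]) or int(tok[2]),
            "local": _net(tok[3], tok[4]),
            "foreign": _net(tok[5], tok[6])}

def load_rules(config_text):
    """Collect the filter java/activex rules from a saved configuration."""
    return [parse_filter(l) for l in config_text.splitlines()
            if l.split()[:2] in (["filter", "java"], ["filter", "activex"])]

def filters_applied(rules, local_ip, foreign_ip, port):
    """Return the filter kinds that would rewrite HTML on this outbound flow."""
    src, dst = ipaddress.ip_address(local_ip), ipaddress.ip_address(foreign_ip)
    return sorted({r["kind"] for r in rules
                   if r["port"] == port and src in r["local"] and dst in r["foreign"]})

# Constructed sample: the two rule forms quoted in the reply above.
SAMPLE_CONFIG = """\
filter java http 10.10.10.0 255.255.255.0 0 0
filter activex 80 0 0 0 0
"""

if __name__ == "__main__":
    rules = load_rules(SAMPLE_CONFIG)
    # 198.51.100.7 is a documentation address standing in for any web server.
    for host, port in [("10.10.10.25", 80), ("10.20.0.5", 80), ("10.10.10.25", 8080)]:
        print(host, port, filters_applied(rules, host, "198.51.100.7", port))
```

Hosts that show a non-empty result are the ones whose web pages will have applet or object content commented out once the rule is applied; web traffic on a port not named in any rule is left unfiltered.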