
POP3 SMTP and UDP ports issue

andreademarchi
Level 1

Hi,

I have done a static from dmz to outside on my firewall and I have created an access-list on the interface outside where I permit only incoming traffic to the host through the port 443.

I have done a portscan and it seems that ports 25 and 110 TCP and some UDP ports are open. If I do telnet on the TCP ports there is a connection, but on the server there are no services for those ports.

How can I hide the TCP and UDP ports from the portscan? Why is the outside ACL bypassed? I have a PIX 515 IOS 6.3.

Thanks in advance for your help

1 Reply

owillins
Level 6

For port scan prevention capabilities, you must enable the Cloak system checkbox.

Cloak system (prevent unauthorized port scans): This cloaking capability causes a system to not respond to connectivity tests (the system will not reply to a ping request) and to not respond to service requests with connectivity error messages. When cloaked, the system can hide itself from view on the network.

A system generally sends out error messages when a remote machine sends a request for a service which is not running on the system. Often, this is how remote machines locate other systems and obtain network information about the system in an attempt to target it for an attack. By not responding, this prevents both UDP and TCP-based port scans of the system and basically hides it on the network.
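An added example, not part of the thread: a small check an administrator can run from outside their own firewall to tell apart the three answers discussed above, a completed connection (with or without a service greeting), an error reply from a port with no service, and silence. The names `probe_tcp`, `_listener` and `demo` are hypothetical, and the listeners and banner are constructed so the script runs offline against 127.0.0.1.

```python
import socket
import threading

def probe_tcp(host, port, timeout=1.0):
    """Classify one TCP port as a scanner sees it; returns (state, banner)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
    except ConnectionRefusedError:
        s.close()
        return "closed", b""      # RST: the "connectivity error message"
    except OSError:
        s.close()
        return "filtered", b""    # timeout or ICMP unreachable: no usable answer
    try:
        banner = s.recv(128)      # a real SMTP/POP3 server greets first
    except OSError:
        banner = b""              # handshake completed but nobody spoke
    finally:
        s.close()
    return "open", banner

def _listener(banner):
    """Constructed local stand-in for a service; returns its port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        if banner:
            conn.sendall(banner)
        conn.recv(1)              # hold the connection until the probe closes
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def demo():
    unused = socket.socket()
    unused.bind(("127.0.0.1", 0))
    free_port = unused.getsockname()[1]
    unused.close()                # nothing listens here any more
    return {
        "greeting": probe_tcp("127.0.0.1", _listener(b"220 constructed ESMTP\r\n")),
        "silent": probe_tcp("127.0.0.1", _listener(b""), timeout=0.5),
        "unused": probe_tcp("127.0.0.1", free_port),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

A port that reports `open` with an empty banner matches the telnet observation in the question: the connection completes, but no mail service greets the client.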