Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
628
Views
0
Helpful
6
Replies

Port Scans

jw
Level 1
Level 1

‎01-31-2005 09:42 AM - edited ‎03-09-2019 10:10 AM

I have read and re-read the PIX 515E docs and do not see a way to block port scans or limiting the number of connections per IP. I know other firewalls will permit the limiting of connections from a source IP and will also block the IP's if it detects a port scan. Any suggestions would be appreciated.

Labels:
0 Helpful
6 Replies 6

jmia
Level 7
Level 7

‎01-31-2005 09:48 AM

Jeff,

What are you trying to do, are you trying to block IP address range or stop port scaning activities? If you are trying to stop port scaning then in config mode issue:

icmp deny any outside

and save with write mem

Go to www.grc.com and try the 'ShieldsUp' tool before and after you apply the above statement.

Hope this helps

Jay

0 Helpful

jmia
Level 7
Level 7

‎01-31-2005 09:50 AM

Jeff,

What are you trying to do, are you trying to block IP address range or stop port scaning activities? If you are trying to stop port scaning then in config mode issue:

icmp deny any outside

and save with write mem

Go to www.grc.com and try the 'ShieldsUp' tool before and after you apply the above statement.

Hope this helps

Jay

0 Helpful

davecs
Level 1
Level 1
In response to jmia

‎01-31-2005 04:11 PM

no offense but that wont do jack.

any hacker/cracker will be smart enough to turn of ping probing first.

a PIX cant really do this kind of activity - you could script up something which looks at logs and issues shun commands to the PIX - but its not in the PIX's scope.

maybe look at a IDS solution too!

0 Helpful

paulsa3598
Level 1
Level 1
In response to davecs

‎03-10-2005 10:47 AM

The shun command should take care of your problem. But this could cause problems if spoofs have your own IP address range. (Normally you wouldn't go out to come back in again. The PIX also comes with IDS.

0 Helpful

ditscap
Level 1
Level 1
In response to jmia

‎03-11-2005 08:25 AM

"icmp deny any outside"

That blocks ICMP destined for the outside interface, not the internal network.

0 Helpful

jmia
Level 7
Level 7

‎01-31-2005 09:50 AM

Jeff,

What are you trying to do, are you trying to block IP address range or stop port scaning activities? If you are trying to stop port scaning then in config mode issue:

icmp deny any outside

and save with write mem

Go to www.grc.com and try the 'ShieldsUp' tool before and after you apply the above statement.

Hope this helps

Jay

0 Helpful
Customers Also Viewed These Support Documents