cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
762
Views
5
Helpful
5
Replies

Port scan

whiteford
Level 1
Level 1

We have a regional network coming into our DMZ on our Pix 515. We have an IP any any rule and have not locked down what ports they need to use (AD, Exchange, File server, internet). Is there a port monitor we can use to list all the ports over some time through our DMZ? Then we can use this to lock it down.

5 Replies 5

Danilo Dy
VIP Alumni
VIP Alumni

Free online scan tool http://www.qualys.com

I don't like to put a link here for port scanner. Post your email address and I will send the link to you.

got it thanks

Jon Marshall
Hall of Fame
Hall of Fame

Hi

Just as an alternative. You could have a

"permit ip any any log" on your pix. This would log all access on that DMZ. As you determine the ports you can modify the access-list to add in the individual port entries. Keep the permit ip any any log at the end until you have accounted for all the ports ie. all your other rules are catching the traffic and not your catch all rule.

Obviously this would generate a fair bit of logging so you'll need disk space and be aware of the additional bandwwidth being used.

HTH

Jon

For the loggin how where would I point it to? i am using ADSM?

Hi

You would need a syslog server to point the traffic to. Do you one of these ?

Jon

Review Cisco Networking for a $25 gift card