Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
The attached file is the config on a new PIX 501. The inbound translation works but there is no outbound access. The routing and ip scheme is identical to the firewall that it is to replace. Can you see the problem ?
I inherited the management of a network that has a PIX 515 w/ PIX v6.1I know enough about PIX to add remove conduits etc. but there was an existing line that I don't understand. (ip's cleansed)conduit permit tcp 209.133.214.84 0.0.0.23 65.173.212.114...
A small business client has a PIX 515 w/V6.1. It is configured with an inbound static mapping to a Windows 2000 web/application server. There is a Port 80 conduit from "any" and ftp / telnet conduits from our office IP only.The Server has been the ...
Even with the external interface IP inlcuded it did not work. After I changed the outbound translation to the interface instead of another available IP and it did work. (But I have others that don't use the interface-IP for tranlation and they work ...
Thanks. The weird mask 0.0.0.23 that someone put in by mistake was interpreted as 0.0.0.0 - I guess it counts the leading bits in binary and saw only zeros. The effect of this conduit was "Permit TCP ANY ANY" which allowed an attack on this clients...
Thans for the reply. Because this was a daily occurance, I was able to capture frame-by-frame the attack and the first frame of communication with these remote sites was always an inbound port 139 query followed by port 445 queries. I was looking f...
I scanned the site with nmap and GRC over the weekend and only port 80 was exposed. Is there a known exploit of PIX 6.1 that involves Microsoft Netbios and Directory Services ? . . . because that appears to the problem.
