mailing list archives
RE: Protecting PIX Firewall at the Perimeter Router
From: "Gordon Brandt" <gbrandt () apwagner com>
Date: Tue, 5 Nov 2002 14:07:15 -0500
Cisco has some very good documents on their site regarding the basic
security configurations for routers. I do not, unfortunately, have the URL.
That being said, there are a few things that you may want to place on your
1. Block incoming traffic originating at RFC1918 private addresses. There
is no reason why these should be coming into your network other than to
2. Block inbound traffic such as SNMP unless you actually want this coming
in from the internet
Those are the two things that I remember most clearly as the best
suggestions for gateway routers
Hope it helps
AP Wagner Inc.
2205 George Urban Blvd.
Depew, NY 14043
Work: (716) 961-7119
Fax: (716) 856-4779
From: Naman Latif [mailto:naman.latif () inamed com]
Sent: Monday, November 04, 2002 8:47 PM
To: security-basics () security-focus com
Subject: Protecting PIX Firewall at the Perimeter Router
I wanted some suggestions\practical experiences for protecting a
Firewall wall at the Perimeter Router Level.
We have a PIX Firewall connected to our Cisco Router, which
to the Internet. Should there be any IOS Firewall Rules in the Router,
other than blocking Telnet,FTP etc to the Firewall itself ?
PIX will be doing NAT, protecting DMZ machines, and IPSec connections.
Regards \\ Naman