Home page logo
/

basics logo Security Basics mailing list archives

Re: Protecting PIX Firewall at the Perimeter Router
From: <rsavage () nandomedia com>
Date: Tue, 5 Nov 2002 13:42:19 -0500 (EST)

Yes, snmp for one.  Then you might consider services you don't/won't ever
need to be seen from the internet (like sun rpc services, any type of
network back services, application service ports, etc.)

If you only need something like port 80 open, then map out a way to only
allow that port opened.  You can also build ACLs for other remote networks
to limit who accesses what.

I really can't give you more info since I am not sure what your network
setup is like.


-Rory


On Mon, 4 Nov 2002, Naman Latif wrote:

Hi All,

I wanted some suggestions\practical experiences for protecting a
Firewall wall at the Perimeter Router Level.

We have a PIX Firewall connected to our Cisco Router, which is connected
to the Internet. Should there be any IOS Firewall Rules in the Router,
other than blocking Telnet,FTP etc to the Firewall itself ?

PIX will be doing NAT, protecting DMZ machines, and IPSec connections.

Regards \\ Naman



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]