|
Security Basics
mailing list archives
Re: Cisco PIX fixup protocol command
From: "kawaii ryuko" <trunks () stackers org>
Date: Wed, 11 Feb 2004 13:23:26 -0500
From: "S.Rohit" <s.rohit () usa net>
Sent: Wednesday, February 11, 2004 05:52
hi everyone....
might sound like a very stupid question to ask, but i am looking for
info
on wat is the use of fixup protocol commands on the Cisco PIX device. wat
is
the exact usage and significance of this commands? and wat are the
security
implications of this command? i know that some fixup's like say fixup
protocol
smtp are good cos of the way they restrict the SMTP command set but how
about
the general syntax [no] fixup protocol [service] [port]? what is this used
for
and wat are the security implications for this?
Good firewall policy means you know /exactly/ what ports are open and what
you are allowing through. Unless you are using a specific fixup service, it
is best to turn them off. Personally, I like to turn off all fixup protocols
and then open up ports as need be.
The fixup series of commands are basically shortcuts that let you open up a
service without having to go through all the individual ports (if I
understand it correctly.)
rohit
Ever lovable and always scrappy,
kawaii
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
| 
Intro
