Firewall Wizards: Cisco PIX open ports on outside interface?

From: Smith, Gary (SCOTAM) <gary.smith_at_ScottishAmicable.co.uk>
Date: Tue, 5 Dec 2000 16:21:39 -0000

All:

I have an ACL on the outside interface of a PIX that allows:

80 & 443 to a web server on the DMZ
25 to a mail server on the DMZ

and then has an explicit deny ip any any rule.

When a security company ran a strobe against the outside interface they
claim that both Telnet and Cisco Secure Telnet were open on the outside
interface (although they couldn't connect) and I have also verified that
port 80 is open with the following returned after a get /

<!-- $ID: //depot/prod/ontap/Rbrutus/prod/netcache/errors/500.html#1 $ -->

I couldn't verify the telnet ports were open (though I don't know what they
used to test, I used netcat), we do have remote administration enabled but I
remember reading somewhere that this was only on the inside interface
(though this might be version 4.x.x documentation).

Should any ports be open on the outside interface by default? Where is this
documented?

Any and all help gratefully received.

--Gary;

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Received on Dec 09 2000
