RE: [fw-wiz] cisco pix does not log traffic targetted to itself?

From: Noonan, Wesley (Wesley_Noonan@bmc.com)
Date: 01/06/03

Next message: Paul E. Bauer Jr.: "[fw-wiz] Firewalls and IDS"
Previous message: Mikael Olsson: "Re: [fw-wiz] Phrack #60: "Java tears down the Firewall""
Maybe in reply to: Toh Kar Lai Catherine: "[fw-wiz] cisco pix does not log traffic targetted to itself?"
Next in thread: Gwendolynn ferch Elydyr: "RE: [fw-wiz] cisco pix does not log traffic targetted to itself?"
Reply: Gwendolynn ferch Elydyr: "RE: [fw-wiz] cisco pix does not log traffic targetted to itself?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Noonan, Wesley" <Wesley_Noonan@bmc.com>
To: "'Toh Kar Lai Catherine'" <kltoh@ncs.com.sg>, "'firewall-wizards@honor.icsalabs.com'" <firewall-wizards@honor.icsalabs.com>
Date: Mon Jan  6 11:25:02 2003

Not sure about your first question, as with my PIX when I scan it I get
stuff in the logs (are you sure you are logging at the proper level)?

As for the latter though, yes it deny's all by default (no need to insert
the rule).

HTH

Wes Noonan, MCSE/CCNA/CCDA/NNCSS
Senior QA Rep.
BMC Software, Inc.
(713) 918-2412
wnoonan@bmc.com
http://www.bmc.com

> -----Original Message-----
> From: Toh Kar Lai Catherine [mailto:kltoh@ncs.com.sg]
> Sent: Monday, January 06, 2003 03:53
> To: 'firewall-wizards@honor.icsalabs.com'
> Subject: [fw-wiz] cisco pix does not log traffic targetted to itself?
>
> My cisco pix firewall is logging denied traffic normally. However when I
> tried using a scanner to scan the cisco pix firewall itself, a few open
> ports were discovered but no traffic of the scan was captured in the log.
> In
> other words, the firewall didn't log my scan activity. What can I do to to
> ensure that any activity targetted to my firewall is logged?
>
> Also is it true that the cisco pix firewall deny all traffics that is not
> permitted in the rule-base BY DEFAULT? Is there a need to insert a last
> rule
> that deny any to any?
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Paul E. Bauer Jr.: "[fw-wiz] Firewalls and IDS"
Previous message: Mikael Olsson: "Re: [fw-wiz] Phrack #60: "Java tears down the Firewall""
Maybe in reply to: Toh Kar Lai Catherine: "[fw-wiz] cisco pix does not log traffic targetted to itself?"
Next in thread: Gwendolynn ferch Elydyr: "RE: [fw-wiz] cisco pix does not log traffic targetted to itself?"
Reply: Gwendolynn ferch Elydyr: "RE: [fw-wiz] cisco pix does not log traffic targetted to itself?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Fw: [fw-wiz] cisco pix does not log traffic targetted to itself?
... >> My cisco pix firewall is logging denied traffic normally. ... Well,be sure you are logging in the right level (see theoutput of the ... permit the traffic from a less secure ... In the normal ACLs there is an implied "deny all" at the end. ...
(Firewall-Wizards)
[fw-wiz] cisco pix does not log traffic targetted to itself?
... My cisco pix firewall is logging denied traffic normally. ... ports were discovered but no traffic of the scan was captured in the log. ... Also is it true that the cisco pix firewall deny all traffics that is not ...
(Firewall-Wizards)
[fw-wiz] Appropriate PIX logging level
... appropriate level of logging on a Cisco PIX firewall. ... complaint I get for increasing the logging level is because of lack of ... interface, src/dst IP, src/dst port, proto, allow/deny, rule applied ...
(Firewall-Wizards)
RE: [fw-wiz] cisco pix does not log traffic targetted to itself?
... Although IMHO it's good practice to explicitly state your deny all rule. ... >> My cisco pix firewall is logging denied traffic normally. ... >> Also is it true that the cisco pix firewall deny all traffics that is not ... desire for fish and an equally deep, passionate and profound desire to ...
(Firewall-Wizards)