[fw-wiz] PIX assessment

From: vulnerable (vulnerable_at_gmail.com)
Date: 09/26/05

  • Next message: Devdas Bhagat: "Re: [fw-wiz] The home user problem returns"
    To: firewall-wizards@honor.icsalabs.com
    Date: Mon, 26 Sep 2005 06:43:56 -0700
    
    

    hello all.

    I'm doing an assessment on the config of a pix running 6.3. Me not
    being much of a pix expert have a few questions.

    From reading documentation it is my understanding that if you have
    traffic flowing from inside (higher security level) to dmz (lower
    security level) interface then you will not require either an ACL or a
    static statement permitting this. However, this particular config is
    declaring transparent static's that the documentation I've read says
    is unnecessary. Any reasons why they may be doing this? I'm going
    through a rather long config (3000+ lines), and running some perl mojo
    I find that there are over 300 statics defined for addresses behind
    the inside interface. Useless? Something that perhaps the PDM does?

    Oh, I've also been trying to track down the latest rev of pixOS 6.3.
    Can't find it anywhere on cisco's public site.

    Also, I've been using the enterastream documentation (1) as a
    reference, is there anything else out there that is worth looking at?

    1) http://www.enterastream.com/whitepapers/cisco/pix/pix-practical-guide.html
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Devdas Bhagat: "Re: [fw-wiz] The home user problem returns"

    Relevant Pages

    • Sphinx 0.6 and 0.5.2, beta 1, released
      ... I'm proud to announce the release of Sphinx 0.6b1 and 0.5.2b1. ... see the new section in the documentation. ... The new config value ``rst_epilog`` can contain reST that is ... Autodoc now handles documented attributes. ...
      (comp.lang.python.announce)
    • Sphinx 0.6.1 and 0.5.2 released
      ... I'm proud to announce the release of Sphinx 0.6.1 and 0.5.2. ... see the new section in the documentation. ... The new config value ``rst_epilog`` can contain reST that is ... Autodoc now handles documented attributes. ...
      (comp.lang.python.announce)
    • [opensuse] Re: [opensuse-factory] Re: service ntp
      ... manual reading was required. ... I have seen several posts referring people to documentation about how to ... there is no mention in the config files that they do not work. ...
      (SuSE)
    • Re: Do you think this is a server issue or other?
      ... My dog hoards his toys too. ... Ask him to create a complete infrastructure documentation including ... configuration, VPN config, the ... way nothing is hidden all assets lists and configs are documented. ...
      (microsoft.public.windows.server.sbs)
    • Cellcore testing via CETK
      ... I've got another informational post here... ... To run the tests you need to have the config files ... the documentation but not referenced:-D ... B364-45ec-8421-5ACF34129C58} for the CSD data transfer test. ...
      (microsoft.public.windowsce.platbuilder)