RE: Cisco PIX fixup protocol command
From: Chris Curtiss (chrisc_at_VistaPrint.com)
Date: 02/11/04
- Previous message: Mike: "RE: iptables"
- Maybe in reply to: S.Rohit: "Cisco PIX fixup protocol command"
- Next in thread: James Turnbull: "Re: Cisco PIX fixup protocol command"
- Reply: James Turnbull: "Re: Cisco PIX fixup protocol command"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 11 Feb 2004 14:02:24 -0500 To: "S.Rohit" <s.rohit@usa.net>, <security-basics@securityfocus.com>
FWIW, I have experienced problems with fixup SMTP, using a Postfix relay behind a PIX 515e.
There was a bug, reported fixed over a year ago by Cisco, relating to interoperability with Postfix, but I was still unable to make it play with a large set of inbound mail. We ended up having to turn it off and letting Postfix do its thing.
The only opion offered by a Cisco consultant I know was "What's a Postfix, use Sendmail".
Chris
> -----Original Message-----
> From: S.Rohit [mailto:s.rohit@usa.net]
> Sent: Wednesday, February 11, 2004 5:53 AM
> To: security-basics@securityfocus.com
> Subject: Cisco PIX fixup protocol command
>
>
> hi everyone....
>
> might sound like a very stupid question to ask, but i am
> looking for info
> on wat is the use of fixup protocol commands on the Cisco PIX
> device. wat is
> the exact usage and significance of this commands? and wat
> are the security
> implications of this command? i know that some fixup's like
> say fixup protocol
> smtp are good cos of the way they restrict the SMTP command
> set but how about
> the general syntax [no] fixup protocol [service] [port]? what
> is this used for
> and wat are the security implications for this?
>
> i am asking this because i'm seeing a recommendation in
> some PIX hardening
> guide to disable fixups or they flag fixups as a security
> issue? y is tat?
>
> rohit
>
>
>
> --------------------------------------------------------------
> -------------
> Free trial: Astaro Security Linux -- firewall with Spam/Virus
> Protection
>
> Protect your network with the comprehensive security solution that
> integrates six applications for ease of use and lower TCO.
>
> Firewall - Virus protection - Spam protection - URL blocking - VPN
> - Wireless security.
>
> Download 30-day evaluation at:
> http://www.astaro.com/php/contact/securityfocus.php
> --------------------------------------------------------------
> --------------
>
>
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
- Previous message: Mike: "RE: iptables"
- Maybe in reply to: S.Rohit: "Cisco PIX fixup protocol command"
- Next in thread: James Turnbull: "Re: Cisco PIX fixup protocol command"
- Reply: James Turnbull: "Re: Cisco PIX fixup protocol command"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
