Security Basics mailing list archives

Re: Question regarding Cisco PIX's PDM

From: "Spyro" <spyromalas () veggiefest com>
Date: Sat, 22 Nov 2003 10:56:43 -0600

I have to say that using the PDM is a nightmare waiting to happen.
Oftentimes I have seen that the config changes you make through the PDM do
not reflect in the config on the PIX itself when you show conf.  Making
oneself familiar with the CLI is a much better way to go in my opinion.

I have been working with PIX's for over two years on a frequent basis.
Additionally you will have a much better idea of what is going on when it
comes time for troubleshooting, debugs, and error messages.

Spyro Malaspinas, CISSP
CCSE Plus, CSPFA, NSA, CCNA
----- Original Message ----- 
From: "Craig Janssen" <cjanssen () mail millikin edu>
To: <erisk () iinet net au>; <security-basics () securityfocus com>
Sent: Thursday, November 13, 2003 2:24 PM
Subject: Re: Question regarding Cisco PIX's PDM

The config command I use to specify the addresses that are allowed to
access the PDM is:

http server enable
http <ip address> <subnet mask> <if-name>

So, if you wanted to allow host 192.168.0.100 to access PDM on the
inside, issue the command

http 192.168.0.100 255.255.255.255 inside

All requests from any other address will be ignored.

Craig

______________________________
Craig Janssen, MCP, A+
Network and Internet Services Manager
Millikin University Information Technology Dept
(217) 362-6488
cjanssen () mail millikin edu

"erisk" <erisk () iinet net au> 11/12/03 03:23AM >>>

Hi,

I have a question regarding the PDM command...

How does one limit PDM access to people/clients on the inside
interface...
Do you have to define an explicit ACL for https for the PIX's internal
interface? Will this still stop it or are there other commands that you
can
use??

Regards


--------------------------------------------------------------------------

Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services
security to
simplify the management and deployment of PGP and reduce overall PGP
costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027

--------------------------------------------------------------------------

--



--------------------------------------------------------------------------

Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security

to

simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
--------------------------------------------------------------------------

--



---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Question regarding Cisco PIX's PDM erisk (Nov 13)
- Re: Question regarding Cisco PIX's PDM White-Tiger (Nov 14)
- <Possible follow-ups>
- RE: Question regarding Cisco PIX's PDM Cherian M. Palayoor (Nov 14)
- RE: Question regarding Cisco PIX's PDM Jennifer Fountain (Nov 14)
- Re: Question regarding Cisco PIX's PDM Greg Owens (Nov 14)
- RE: Question regarding Cisco PIX's PDM Nuno Ferreira (Nov 14)
- Re: Question regarding Cisco PIX's PDM Craig Janssen (Nov 14)
  - Re: Question regarding Cisco PIX's PDM Spyro (Nov 23)
- Re: Question regarding Cisco PIX's PDM Ivan Coric (Nov 14)